Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2018-10986

    OX Guard 2.8.0 has CSRF.... Read more

    Affected Products : ox_guard
    • Published: Jul. 03, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-10982

    An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain hypervisor privileges by setting up an HPET timer to deli... Read more

    Affected Products : debian_linux xen
    • Published: May. 10, 2018
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2018-10981

    An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request.... Read more

    Affected Products : debian_linux xen
    • Published: May. 10, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-10977

    In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x002220E4.... Read more

    Affected Products : 2345_security_guard security_guard
    • Published: May. 10, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-10976

    In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222050.... Read more

    Affected Products : 2345_security_guard security_guard
    • Published: May. 10, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-10975

    In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222104.... Read more

    Affected Products : 2345_security_guard security_guard
    • Published: May. 10, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-10974

    In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222100.... Read more

    Affected Products : 2345_security_guard security_guard
    • Published: May. 10, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2018-10973

    An integer overflow in the transferMulti function of a smart contract implementation for KoreaShow, an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted _value parameters.... Read more

    Affected Products : koreashow
    • Published: May. 10, 2018
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2018-10972

    An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The TransformPaletteC::process function in transform/palette_C.hpp allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impac... Read more

    Affected Products : free_lossless_image_format
    • Published: May. 10, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-10971

    An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The Plane function in image/image.hpp allows remote attackers to cause a denial of service (attempted excessive memory allocation) via a crafted file.... Read more

    Affected Products : flif
    • Published: May. 10, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2018-10969

    SQL injection vulnerability in the Pie Register plugin before 3.0.10 for WordPress allows remote attackers to execute arbitrary SQL commands via the invitation codes grid.... Read more

    Affected Products : pie_register pie-register
    • Published: Jun. 17, 2018
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2018-10968

    On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can use a default TELNET account to get unauthorized access to vulnerable devices, aka a backdoor access vulnerability.... Read more

    • Published: May. 18, 2018
    • Modified: Nov. 21, 2024

  • 9.0

    HIGH
    CVE-2018-10967

    On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can forge an HTTP request to inject operating system commands that can be executed on the device with higher privileges, aka remote code execution.... Read more

    • Published: May. 18, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2018-10966

    An issue was discovered in GamerPolls 0.4.6, related to config/environments/all.js and config/initializers/02_passport.js. An attacker can edit the Passport.js contents of the session cookie to contain the ID number of the account they wish to take over, ... Read more

    Affected Products : gamerpolls
    • Published: Jun. 05, 2018
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2018-10963

    The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726.... Read more

    Affected Products : ubuntu_linux debian_linux libtiff
    • Published: May. 10, 2018
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2018-10962

    An issue was discovered in Shanghai 2345 Security Guard 3.7.0. 2345MPCSafe.exe, 2345SafeTray.exe, and 2345Speedup.exe allow local users to bypass intended process protections, and consequently terminate processes, because mouse_event is not properly consi... Read more

    Affected Products : 2345_security_guard
    • Published: May. 10, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2018-10959

    Avecto Defendpoint 4 prior to 4.4 SR6 and 5 prior to 5.1 SR1 has an Untrusted Search Path vulnerability, exploitable by modifying environment variables to trigger automatic elevation of an attacker's process launch.... Read more

    Affected Products : avecto_defendpoint
    • Published: Apr. 17, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2018-10958

    In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call.... Read more

    Affected Products : ubuntu_linux debian_linux exiv2
    • Published: May. 10, 2018
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2018-10957

    CSRF exists on D-Link DIR-868L devices, leading to (for example) a change to the Admin password. hedwig.cgi and pigwidgeon.cgi are two of the affected components.... Read more

    Affected Products : dir-868l_firmware dir-868l
    • Published: May. 10, 2018
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2018-10956

    IPConfigure Orchid Core VMS 2.0.5 allows Directory Traversal.... Read more

    Affected Products : linux_kernel windows orchid_core_vms
    • Published: Jun. 25, 2018
    • Modified: Nov. 21, 2024
Showing 20 of 293923 Results