CVE.report search for "CVE-2018-16556"
Listed below are 50 relevant search results for "CVE-2018-16556" based on Vendor, Software, and CVE description
These results are gathered from attempted matches with listed vendor and software data, as well as a keyword search in the description of all known CVEs.
If you notice a "Not Listed" in either the vendor or software columns, know this is due to the data being pulled directly from a github repository, in which the Vendor and Software have not yet been officially listed
Search Results
| CVE ID | Vendor | Software | Description |
|---|---|---|---|
| CVE-2023-26361 | Adobe | ColdFusion | Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Limitation... |
| CVE-2023-26360 | Adobe | ColdFusion | Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Access Con... |
| CVE-2023-26359 | Adobe | ColdFusion | Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by a Deserialization of U... |
| CVE-2022-47952 | Linuxcontainers | Lxc | lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even ... |
| CVE-2022-41844 | Xpdfreader | Xpdf | An issue was discovered in Xpdf 4.04. There is a crash in XRef::fetch(int, int, Object*, int) in xpdf/XRef.cc, a different vu... |
| CVE-2022-40777 | Interspire | Email Marketer | Interspire Email Marketer through 6.5.0 allows arbitrary file upload via a surveys_submit.php "create survey and submit surve... |
| CVE-2022-40228 | Ibm | Datapower Gateway | IBM DataPower Gateway 10.0.3.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.9, 2018.4.1.0 through 2018.4.1.22, and 10.5.0.0 thro... |
| CVE-2022-39831 | Fedoraproject | Fedora | An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_bytes_internal in utilities... |
| CVE-2022-37305 | Honda | Honda | The Remote Keyless Entry (RKE) receiving unit on certain Honda vehicles through 2018 allows remote attackers to perform unloc... |
| CVE-2022-34350 | Ibm | Api Connect | IBM API Connect 10.0.0.0 through 10.0.5.0, 10.0.1.0 through 10.0.1.7, and 2018.4.1.0 through 2018.4.1.20 is vulnerable to Ext... |
| CVE-2022-33889 | Autodesk | Autocad | A maliciously crafted GIF or JPEG files when parsed through Autodesk Design Review 2018, and AutoCAD 2023 and 2022 could be u... |
| CVE-2022-33880 | Hospital Management System Mini-project Project | Hospital Management System Mini-project | hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type p... |
| CVE-2022-32750 | Ibm | Datapower Gateway | IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.8, 10.5.0.0, and 2018.4.1.0 through 2018.4.1.21 is v... |
| CVE-2022-32561 | Couchbase | Couchbase Server | An issue was discovered in Couchbase Server before 6.6.5 and 7.x before 7.0.4. Previous mitigations for CVE-2018-15728 were f... |
| CVE-2022-31776 | Ibm | Datapower Gateway | IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.8, 10.5.0.0, and 2018.4.1.0 through 2018.4.1.21 is v... |
| CVE-2022-31775 | Ibm | Datapower Gateway | IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.8, 10.5.0.0, and 2018.4.1.0 through 2018.4.1.21 is v... |
| CVE-2022-31774 | Ibm | Datapower Gateway | IBM DataPower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.8, 10.5.0.0, and 2018.4.1.0 through 2018.4.1.21 is v... |
| CVE-2022-31773 | Ibm | Datapower Gateway | IBM DataPower Gateway V10CD, 10.0.1, and 2018.4.1 is vulnerable to cross-site request forgery which could allow an attacker t... |
| CVE-2022-31587 | Kg-fashion-chatbot Project | Kg-fashion-chatbot | The yuriyouzhou/KG-fashion-chatbot repository through 2018-05-22 on GitHub allows absolute path traversal because the Flask s... |
| CVE-2022-31575 | Livro Python Project | Livro Python | The duducosmos/livro_python repository through 2018-06-06 on GitHub allows absolute path traversal because the Flask send_fil... |
| CVE-2022-31574 | Realestate Project | Realestate | The deepaliupadhyay/RealEstate repository through 2018-11-30 on GitHub allows absolute path traversal because the Flask send_... |
| CVE-2022-31562 | Internshipsystem Project | Internshipsystem | The waveyan/internshipsystem repository through 2018-05-22 on GitHub allows absolute path traversal because the Flask send_fi... |
| CVE-2022-31555 | Nurse Quest Project | Nurse Quest | The romain20100/nursequest repository through 2018-02-22 on GitHub allows absolute path traversal because the Flask send_file... |
| CVE-2022-31534 | Pythonweb Project | Pythonweb | The echoleegroup/PythonWeb repository through 2018-10-31 on GitHub allows absolute path traversal because the Flask send_file... |
| CVE-2022-30529 | Isic.lk Project | Isic.lk | File upload vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to u... |
| CVE-2022-30528 | Isic.lk Project | Isic.lk | SQL Injection vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to... |
| CVE-2022-28607 | Isic.lk Project | Isic.lk | An issue was discovered in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to gai... |
| CVE-2022-27607 | Axiosys | Bento4 | Bento4 1.6.0-639 has a heap-based buffer over-read in the AP4_HvccAtom class, a different issue than CVE-2018-14531. |
| CVE-2022-27254 | Honda | Civic 2018 | The remote keyless system on Honda Civic 2018 vehicles sends the same RF signal for each door-open request, which allows for ... |
| CVE-2022-25937 | Glance Project | Glance | Versions of the package glance before 3.0.9 are vulnerable to Directory Traversal that allows users to read files outside the... |
| CVE-2022-24696 | Mirametrix | Glance | Mirametrix Glance before 5.1.1.42207 (released on 2018-08-30) allows a local attacker to elevate privileges. NOTE: this is un... |
| CVE-2022-22326 | Ibm | Datapower Gateway | IBM Datapower Gateway 10.0.2.0 through 10.0.4.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0 through 2018.4.1.18 could allow un... |
| CVE-2022-21668 | Fedoraproject | Fedora | pipenv is a Python development workflow tool. Starting with version 2018.10.9 and prior to version 2022.1.8, a flaw in pipenv... |
| CVE-2022-0358 | Qemu | Qemu | A flaw was found in the QEMU virtio-fs shared file system daemon (virtiofsd) implementation. This flaw is strictly related to... |
| CVE-2021-45817 | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-11689. Reason: This candidate is a duplicate of CVE-2018-... | ||
| CVE-2021-45421 | Emerson | Dixell Xweb-500 | ** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by information disclosure via directory listing... |
| CVE-2021-45420 | Emerson | Dixell Xweb-500 | ** UNSUPPORTED WHEN ASSIGNED ** Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-b... |
| CVE-2021-45078 | Debian | Debian Linux | stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buf... |
| CVE-2021-44153 | Reprisesoftware | Reprise License Manager | An issue was discovered in Reprise RLM 14.2. When editing the license file, it is possible for an admin user to enable an opt... |
| CVE-2021-44028 | Quest | Kace Desktop Authority | XXE can occur in Quest KACE Desktop Authority before 11.2 because the log4net configuration file might be controlled by an at... |
| CVE-2021-43697 | Workerman-thinkphp-redis Project | Workerman-thinkphp-redis | Workerman-ThinkPHP-Redis (last update Mar 16, 2018) is affected by a Cross Site Scripting (XSS) vulnerability. In file Contro... |
| CVE-2021-42258 | Bqe | Billquick Web Suite | BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated remote code execution, as ... |
| CVE-2021-40661 | Mt | Ind780 | A remote, unauthenticated, directory traversal vulnerability was identified within the web interface used by IND780 Advanced ... |
| CVE-2021-38997 | Ibm | Api Connect | IBM API Connect V10.0.0.0 through V10.0.5.0, V10.0.1.0 through V10.0.1.7, and V2018.4.1.0 through 2018.4.1.19 is vulnerable t... |
| CVE-2021-38944 | Ibm | Datapower Gateway | IBM DataPower Gateway 10.0.2.0 through 1.0.3.0, 10.0.1.0 through 10.0.1.5, and 2018.4.1.0 through 2018.4.1.18 is vulnerable t... |
| CVE-2021-38872 | Ibm | Datapower Gateway | IBM DataPower Gateway 10.0.2.0, 10.0.3.0, 10.0.1.0 through 10.0.1.4, and 2018.4.1.0 through 2018.4.1.17 could allow a remote ... |
| CVE-2021-38123 | Microfocus | Network Automation | Open Redirect vulnerability in Micro Focus Network Automation, affecting Network Automation versions 10.4x, 10.5x, 2018.05, 2... |
| CVE-2021-35941 | Westerndigital | Wd My Book Live | Western Digital WD My Book Live (2.x and later) and WD My Book Live Duo (all versions) have an administrator API that can per... |
| CVE-2021-34085 | Mp3gain Project | Mp3gain | Read access violation in the III_dequantize_sample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote a... |
| CVE-2021-33805 | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-10906. Reason: This candidate is a duplicate of CVE-2018-... | ||