Total
10428 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-6476 | 1 Superantispyware | 1 Superantispyware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In SUPERAntiSpyware Professional Trial 6.0.1254, the SASKUTIL.SYS driver allows privilege escalation to NT AUTHORITY\SYSTEM because of not validating input values from IOCtl 0x9C402114 or 0x9C402124 or 0x9C40207c. | |||||
| CVE-2018-6474 | 1 Superantispyware | 1 Superantispyware | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file (SASKUTIL.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402148. | |||||
| CVE-2018-6473 | 1 Superantispyware | 1 Superantispyware | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file (SASKUTIL.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402080. | |||||
| CVE-2018-6472 | 1 Superantispyware | 1 Superantispyware | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file (SASKUTIL.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C40204c. | |||||
| CVE-2018-6471 | 1 Superantispyware | 1 Superantispyware | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file (SASKUTIL.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402078. | |||||
| CVE-2018-6433 | 1 Broadcom | 1 Fabric Operating System | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A vulnerability in the secryptocfg export command of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to bypass the export file access restrictions and initiate a file copy from the source to a remote system. | |||||
| CVE-2018-6407 | 1 Conceptronic | 3 Cipcamptiwl, Cipcamptiwl Firmware, Cipcamptiwl Web Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to /hy-cgi/devices.cgi?cmd=searchlandevice. The crash completely freezes the device. | |||||
| CVE-2018-6360 | 2 Debian, Mpv | 2 Debian Linux, Mpv | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| mpv through 0.28.0 allows remote attackers to execute arbitrary code via a crafted web site, because it reads HTML documents containing VIDEO elements, and accepts arbitrary URLs in a src attribute without a protocol whitelist in player/lua/ytdl_hook.lua. For example, an av://lavfi:ladspa=file= URL signifies that the product should call dlopen on a shared object file located at an arbitrary local pathname. The issue exists because the product does not consider that youtube-dl can provide a potentially unsafe URL. | |||||
| CVE-2018-6320 | 2 Ivanti, Pulsesecure | 3 Connect Secure, Pulse Connect Secure, Pulse Policy Secure | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability has been discovered in login.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1RX before 8.1R12 and 8.3RX before 8.3R2 and Pulse Policy Secure (PPS) 5.2RX before 5.2R9 and 5.4RX before 5.4R2 wherein an http(s) Host header received from the browser is trusted without validation. | |||||
| CVE-2018-6298 | 1 Hanwha-security | 4 Snh-v6410pn, Snh-v6410pn Firmware, Snh-v6410pnw and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Remote code execution in Hanwha Techwin Smartcams | |||||
| CVE-2018-6267 | 1 Google | 1 Android | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software does not validate or incorrectly validates input that can affect the control flow or data flow of a program, which may lead to denial of service or escalation of privileges. Android ID: A-70857947. | |||||
| CVE-2018-6243 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA Tegra TLK Widevine Trust Application contains a vulnerability in which missing the input parameter checking of video metadata count may lead to Arbitrary Code Execution, Denial of Service or Escalation of Privileges. Android ID: A-72315075. Severity Rating: High. Version: N/A. | |||||
| CVE-2018-6241 | 1 Google | 1 Android | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA Tegra Gralloc module contains a vulnerability in driver in which it does not validate input parameter of the registerbuffer API, which may lead to arbitrary code execution, denial of service, or escalation of privileges. Android ID: A-62540032 Severity Rating: High Version: N/A. | |||||
| CVE-2018-6217 | 1 Kingsoftstore | 1 Kingsoft Wps Office | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The WStr::_alloc_iostr_data() function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 allows remote attackers to cause a denial of service (application crash) via a crafted (a) web page, (b) office document, or (c) .rtf file. | |||||
| CVE-2018-6209 | 1 Maxpcsecure | 1 Anti Virus | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In Max Secure Anti Virus 19.0.3.019,, the driver file (MaxCryptMon.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220019. | |||||
| CVE-2018-6208 | 1 Maxpcsecure | 1 Anti Virus | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In Max Secure Anti Virus 19.0.3.019,, the driver file (MaxProtector32.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x22000d. | |||||
| CVE-2018-6207 | 1 Maxpcsecure | 1 Anti Virus | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In Max Secure Anti Virus 19.0.3.019,, the driver file (MaxProtector32.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220019. | |||||
| CVE-2018-6206 | 1 Maxpcsecure | 1 Anti Virus | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In Max Secure Anti Virus 19.0.3.019,, the driver file (MaxProtector32.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220011. | |||||
| CVE-2018-6205 | 1 Maxpcsecure | 1 Anti Virus | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In Max Secure Anti Virus 19.0.3.019,, the driver file (MaxProtector32.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220009. | |||||
| CVE-2018-6204 | 1 Maxpcsecure | 1 Anti Virus | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In Max Secure Anti Virus 19.0.3.019,, the driver file (SDActMon.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220019. | |||||