• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-20

CVE-2018-7739

February 26, 2023 by

antsle antman before 0.9.1a allows remote attackers to bypass authentication via invalid characters in the username and password parameters, as demonstrated by a username=>&password=%0a string to the /login URI. This allows obtaining root permissions within the web management console, because the login process uses Java’s ProcessBuilder class and a bash script called antsle-auth with insufficient input validation.

CVE-2018-7753

February 26, 2023 by

An issue was discovered in Bleach 2.1.x before 2.1.3. Attributes that have URI values weren’t properly sanitized if the values contained character entities. Using character entities, it was possible to construct a URI value with a scheme that was not allowed that would slide through unsanitized.

CVE-2018-7761

February 26, 2023 by

A vulnerability exists in the HTTP request parser in Schneider Electric’s Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution.

CVE-2018-7658

February 26, 2023 by

NTSServerSvc.exe in the server in Softros Network Time System 2.3.4 allows remote attackers to cause a denial of service (daemon crash) by sending exactly 11 bytes.

CVE-2018-7679

February 26, 2023 by

Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images, could lead to remote code execution.

CVE-2018-7577

February 26, 2023 by

Memcpy parameter overlap in Google Snappy library 1.1.4, as used in Google TensorFlow before 1.7.1, could result in a crash or read from other parts of process memory.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 140
  • Go to page 141
  • Go to page 142
  • Go to page 143
  • Go to page 144
  • Interim pages omitted …
  • Go to page 681
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE