• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-459

CVE-2018-19961

February 26, 2023 by

An issue was discovered in Xen through 4.11.x on AMD x86 platforms, possibly allowing guest OS users to gain host OS privileges because TLB flushes do not always occur after IOMMU mapping changes.

CVE-2018-18924

February 26, 2023 by

The image-upload feature in ProjeQtOr 7.2.5 allows remote attackers to execute arbitrary code by uploading a .shtml file with “#exec cmd” because rejected files remain on the server, with predictable filenames, after a “This file is not a valid image” error message.

CVE-2018-18281

February 26, 2023 by

Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. This is fixed in the following kernel versions: 4.9.135, 4.14.78, 4.18.16, 4.19.

CVE-2018-17467

February 26, 2023 by

Insufficiently quick clearing of stale rendered content in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

CVE-2018-15407

February 26, 2023 by

A vulnerability in the installation process of Cisco HyperFlex Software could allow an authenticated, local attacker to read sensitive information. The vulnerability is due to insufficient cleanup of installation files. An attacker could exploit this vulnerability by accessing the residual installation files on an affected system. A successful exploit could allow the attacker to collect sensitive information regarding the configuration of the system.

CVE-2018-12332

February 26, 2023 by

Incomplete Cleanup vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via a compromised host PC after a reset.

  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Interim pages omitted …
  • Go to page 13
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE