• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-732

CVE-2018-12457

February 26, 2023 by

expressCart before 1.1.6 allows remote attackers to create an admin user via a /admin/setup Referer header.

CVE-2018-12466

February 26, 2023 by

openSUSE openbuildservice before 9.2.4 allowed authenticated users to delete packages on specific projects with project links.

CVE-2018-12467

February 26, 2023 by

Authorized users of the openbuildservice before 2.9.4 could delete packages by using a malicious request against projects having the OBS:InitializeDevelPackage attribute, a similar issue to CVE-2018-7689.

CVE-2018-12396

February 26, 2023 by

A vulnerability where a WebExtension can run content scripts in disallowed contexts following navigation or other events. This allows for potential privilege escalation by the WebExtension on sites where content scripts should not be run. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63.

CVE-2018-12335

February 26, 2023 by

Incorrect access control in ECOS System Management Appliance (aka SMA) 5.2.68 allows a user to compromise authentication keys, and access and manipulate security relevant configurations, via unrestricted database access during Easy Enrollment.

CVE-2018-12357

February 26, 2023 by

Arista CloudVision Portal through 2018.1.1 has Incorrect Permissions.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 28
  • Go to page 29
  • Go to page 30
  • Go to page 31
  • Go to page 32
  • Interim pages omitted …
  • Go to page 144
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE