Lista CVE 2018/25xxx
CVE nel gruppo: 25xxx
CVE-2018-25044 (N/A)
CVE-2018-25045 (uTorrent Guest Account privileges management)
CVE-2018-25046 (N/A)
CVE-2018-25047 (Path traversal in code.cloudfoundry.org/archiver)
CVE-2018-25048 (N/A)
CVE-2018-25049 (Codesys Runtime Improper Limitation of a Pathname)
CVE-2018-25050 (email-existence index.js redos)
CVE-2018-25051 (Harvest Chosen abstract-chosen.coffee AbstractChosen cross site scripting)
CVE-2018-25052 (JmPotato Pomash editor.html cross site scripting)
CVE-2018-25053 (Catalyst-Plugin-Session Session ID Session.pm _load_sessionid cross site scripting)
CVE-2018-25054 (moappi Json2html json2html.js cross site scripting)
CVE-2018-25055 (shred cilla Search search.jsp cross site scripting)
CVE-2018-25056 (FarCry Solr Pro Plugin Search solrProSearch.cfc cross site scripting)
CVE-2018-25057 (yolapi metadata.py render_description cross site scripting)
CVE-2018-25058 (simple_php_link_shortener index.php sql injection)
CVE-2018-25059 (Twitter-Post-Fetcher Link Target twitterFetcher.js reverse tabnabbing)
CVE-2018-25060 (pastebinit server.go pasteHandler path traversal)
CVE-2018-25061 (Macaron csrf csrf.go missing secure attribute)
CVE-2018-25062 (rgb2hex redos)
CVE-2018-25063 (flar2 ElementalX ipsec xfrm_user.c xfrm_dump_policy_done denial of service)
CVE-2018-25064 (Zenoss Dashboard defaultportlets.js cross site scripting)
CVE-2018-25065 (OSM Lab show-me-the-way site.js cross site scripting)
CVE-2018-25066 (Wikimedia mediawiki-extensions-I18nTags Unlike Parser I18nTags_body.php cross site scripting)
CVE-2018-25067 (PeterMu nodebatis sql injection)
CVE-2018-25068 (JoomGallery Image Sort default.php sql injection)
CVE-2018-25069 (devent globalpom-utils FileResourceManagerProvider.java createTmpDir temp file)
CVE-2018-25070 (Netis Netcore Router hard-coded password)
CVE-2018-25071 (polterguy Phosphorus Five CSV Import NonQuery.cs csv.Read sql injection)
CVE-2018-25072 (roxlukas LMeve proxy.php insert_log sql injection)
CVE-2018-25073 (lojban jbovlaste listing.html sql injection)
CVE-2018-25074 (Newcomer1989 TSN-Ranksystem bot.php getlog cross site scripting)
CVE-2018-25075 (Prestaul skeemas base.js redos)
CVE-2018-25076 (karsany OBridge ProcedureDao.java getAllStandaloneProcedureAndFunction sql injection)
CVE-2018-25077 (Events Extension events.php searchResults sql injection)
CVE-2018-25078 (melnaron mel-spintax spintax.js redos)
CVE-2018-25079 (N/A)
CVE-2018-25080 (Segmentio is-url index.js redos)
CVE-2018-25081 (MobileDetect Example session_example.php initLayoutType cross site scripting)
CVE-2018-25082 (N/A)
CVE-2018-25083 (zwczou WeChat SDK Python to_xml xml external entity reference)
CVE-2018-25084 (N/A)
CVE-2018-25085 (Ping Identity Self-Service Account Manager SSAMController.java cross site scripting)
CVE-2018-25086 (Responsive Menus Configuration Setting responsive_menus.module responsive_menus_admin_form_submit cross site scripting)
CVE-2018-25087 (sea75300 FanPress CM Template Preview templatepreview.php getArticlesPreview cross site scripting)
CVE-2018-25088 (Arborator Server project.cgi start denial of service)
CVE-2018-25089 (Blue Yonder postgraas_server PostgreSQL Backend postgres_cluster_driver.py create_postgres_db sql injection)
CVE-2018-25090 (glb Meetup Tag Extension Link Attribute reverse tabnabbing)
CVE-2018-25091 (Wago: Improper Neutralization of Input During Web Page Generation in multiple devices)
CVE-2018-25092 (N/A)
CVE-2018-25093 (Vaerys-Dawn DiscordSailv2 Command Mention access control)
CVE-2018-25094 (Vaerys-Dawn DiscordSailv2 Tag access control)
CVE-2018-25095 (ระบบบัญชีออนไลน์ Online Accounting System image.php path traversal)
CVE-2018-25096 (Duplicator < 1.3.0 - Unauthenticated RCE)
CVE-2018-25097 (MdAlAmin-aol Own Health Record logout.php cross-site request forgery)
CVE-2018-25098 (Acumos Design Studio cross site scripting)
CVE-2018-25099 (blockmason credit-protocol UCAC CreditProtocol.sol executeUcacTx denial of service)
CVE-2018-25100 (N/A)
CVE-2018-25101 (N/A)
CVE-2018-25103 (l2c2technologies Koha opac-MARCdetail.pl cross site scripting)
CVE-2018-25104 (Use-after-free vulnerabilities in lighttpd <= 1.4.50)