
14 matches found

RedhatCVE
added 2026/01/09 10:35 a.m. | 17 views

CVE-2017-18178

Authenticate/SWT in Progress Sitefinity 9.1 has an open redirect issue in which an authentication token is sent to the redirection target, if the target is specified using a certain %40 syntax. This is fixed in 10.1...

CVSS 6.1 | AI score 6.9 | EPSS 0.00112
Exploits: 1 | References: 1

OSV
added 2025/08/14 6:52 p.m. | 1 views

MAL-2025-18178 Malicious code in default-debug (npm)

The package default-debug was found to contain malicious code...

AI score 7.2
Exploits: 0

RedhatCVE
added 2025/05/22 4:1 p.m. | 5 views

CVE-2020-18178

Path Traversal in HongCMS v4.0.0 allows remote attackers to view, edit, and delete arbitrary files via a crafted POST request to the component "/hcms/admin/index.php/language/ajax."...

CVSS 9.8 | AI score 7 | EPSS 0.01781
Exploits: 1

NVD
added 2024/05/03 2:15 a.m. | 11 views

CVE-2023-34271

Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that t...

CVSS 7.8 | AI score 8 | EPSS 0.00648
Exploits: 0 | References: 1

Vulnrichment
added 2024/05/03 1:57 a.m. | 14 views

CVE-2023-34271 Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Fatek Automation FvDesigner FPJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fatek Automation FvDesigner. User interaction is required to exploit this vulnerability in that t...

CVSS 7.8 | AI score 7.5 | EPSS 0.00648
Exploits: 0 | References: 1

CVE
added 2024/05/03 1:57 a.m. | 51 views

CVE-2023-34271

CVE-2023-34271 affects Fatek Automation FvDesigner FPJ file parsing. The flaw is a lack of proper validation of FPJ data, causing a write past the end of an allocated data structure (out-of-bounds write) and enabling arbitrary code execution. Exploitation requires user interaction (the target mus...

CVSS 7.8 | AI score 8 | EPSS 0.00648
Exploits: 0 | References: 1 | Affected Software: 1

NVD
added 2023/02/27 6:15 p.m. | 11 views

CVE-2018-18178

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues. Notes: none...

AI score 6.4
Exploits: 0

Check Point Advisories
added 2021/06/13 12:0 a.m. | 3 views

HongCMS Directory Traversal (CVE-2020-18178)

A directory traversal vulnerability exists in HongCMS. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...

CVSS 7.5 | AI score 4.6 | EPSS 0.01781
Exploits: 1

CVE
added 2021/05/18 6:3 p.m. | 43 views

CVE-2020-18178

CVE-2020-18178 affects HongCMS v4.0.0. A path traversal vulnerability allows remote attackers to view, edit, and delete arbitrary files by crafting a POST request to /hcms/admin/index.php/language/ajax. Multiple sources (NVD, CNVD/CNNVD, Red Hat entry) confirm the issue; CVE details indicate high...

CVSS 9.8 | AI score 9.2 | EPSS 0.01781
Exploits: 1 | References: 1 | Affected Software: 1

CVE
added 2019/11/04 7:37 p.m. | 41 views

CVE-2019-18178

The CVE-2019-18178 vulnerability affects Real Time Engineers FreeRTOS+FAT 160919a. It is a use-after-free in the FF_Close() function (ff_file.c). The file handler pxFile is freed by ffconfigFREE, which is a macro for vPortFree(), but that same path is reused to flush modified file content from th...

CVSS 7.5 | AI score 7.4 | EPSS 0.00278
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2018/02/12 2:0 p.m. | 15 views

CVE-2017-18178

Authenticate/SWT in Progress Sitefinity 9.1 has an open redirect issue in which an authentication token is sent to the redirection target, if the target is specified using a certain %40 syntax. This is fixed in 10.1...

AI score 6.2 | EPSS 0.00112
Exploits: 1 | References: 2

CVE
added 2018/02/12 2:0 p.m. | 48 views

CVE-2017-18178

Progress Sitefinity 9.1 is affected by CVE-2017-18178, an open redirect in Authenticate/SWT where an authentication token may be sent to the redirection target when the target is specified using a particular %40 syntax. The issue is resolved in version 10.1. No exploitation details are provided i...

CVSS 6.1 | AI score 6.2 | EPSS 0.00112
Exploits: 1 | References: 2 | Affected Software: 1

Metasploit
added 2011/12/02 10:27 p.m. | 14 views

CCMPlayer 1.5 m3u Playlist Stack Based Buffer Overflow

This module exploits a stack based buffer overflow in CCMPlayer 1.5. Opening a m3u playlist with a long track name, a SEH exception record can be overwritten with parts of the controllable buffer. SEH execution is triggered after an invalid read of an injectable address, thus allowing arbitrary...

CVSS 9.3 | AI score 0.2 | EPSS 0.6559
Exploits: 2

CVE
added 1976/01/01 12:0 a.m. | 22 views

CVE-2018-18178

CVE-2018-18178 entry is rejected/not used; it does not represent an active vulnerability.

AI score 7.2
Exploits: 0