21 matches found
CVE-2026-42207 Magento LTS: Open Redirect via Unvalidated `uenc` Parameter in `stockAction()` - magento-lts
Magento Long Term Support LTS is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to 20.18.0, MageProductAlertAddController::stockAction reads the uenc query parameter and passes...
CVE-2026-42155
Magento Long Term Support LTS is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to 20.18.0, the XML-RPC / SOAP API session ID is generated using an outdated, time-based...
CVE-2026-42155 Magento LTS: Weak API Session ID — Predictable MD5 of Time-Derived Inputs
Magento Long Term Support LTS is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to 20.18.0, the XML-RPC / SOAP API session ID is generated using an outdated, time-based...
EUVD-2026-30575
Magento Long Term Support LTS is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to 20.18.0, there is a reflected XSS vulnerability under admin panel - System - Import/Export -...
CVE-2026-42458
Magento Long Term Support LTS is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to 20.18.0, there is a reflected XSS vulnerability under admin panel - System - Import/Export -...
CVE-2026-20129 Cisco Catayst SD-WAN Authentication Bypass Vulnerability
A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An...
CVE-2018-2219
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none...
CVE-2018-12800
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none...
CVE-2020-1858
Huawei products NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00SPC100; Secospace USG6600 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100; and USG9500 versions V500R001C30SPC600, V500R001C60SPC500, and V500R005C00SPC100 have a denial of service vulnerability...
com.storm-enroute:scalameter_2.13.0-M3 (>=0.14 <=0.18) potentially affected by CVE-2018-18855 via io.spray:spray-json_2.13.0-M2 (=1.3.4)
io.spray:spray-json2.13.0-M2 MAVEN version =1.3.4 is affected by a known vulnerability. The following packages have a transitive dependency on io.spray:spray-json2.13.0-M2 and may be impacted: - com.storm-enroute:scalameter2.13.0-M3 =0.14, =0.18 Source cves: CVE-2018-18855 Source advisory:...
Saudi Prince Allegedly Hacked World's Richest Man Jeff Bezos Using WhatsApp
The iPhone of Amazon founder Jeff Bezos , the world's richest man, was reportedly hacked in May 2018 after receiving a WhatsApp message from the personal account of Saudi crown prince Mohammed bin Salman , the Guardian newspaper revealed today. Citing unnamed sources familiar with digital forensi...
CVE-2018-14529
creationtimestamp| type| source ---|---|--- 2019-07-05 22:59:55+00:00| seen| https://t.me/cveNotify/261...
CVE-2018-20346
creationtimestamp| type| source ---|---|--- 2019-01-28 15:10:00+00:00| seen| MISP/5c4f1a2e-1300-4391-87cf-19c50a021402 2026-05-21 05:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-141-03...
CVE-2018-13133
Golden Frog VyprVPN before 2018-06-21 has a vulnerability associated with the installation process on Windows...
CVE-2018-12904
creationtimestamp| type| source ---|---|--- 2018-06-25 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/44944...
Servicing stack update for Windows 10 Version 1607: March 22, 2018
None None...
2018-10 Preview of Monthly Quality Rollup for Windows 7 for x86-based Systems (KB4462927)
2018-10 Preview of Monthly Quality Rollup for Windows 7 for x86-based Systems KB4462927...
2018-07 Update for Windows 7 for x86-based Systems (KB4345459)
2018-07 Update for Windows 7 for x86-based Systems KB4345459...
2018-03 Update for Windows 7 for x86-based Systems (KB4091290)
2018-03 Update for Windows 7 for x86-based Systems KB4091290...
2018-07 Update for Windows 10 Version 1803 for x86-based Systems (KB4343669)
2018-07 Update for Windows 10 Version 1803 for x86-based Systems KB4343669...