CVEs & Advisories

Identifier	Description	Product	Author	Date
CVE-2018-18379	Cross Site Scripting (XSS)	Elementor LTD	Christopher Vella	October 2018
CVE-2018-12944	Persistent Cross-Site Scripting (XSS)	SeedDMS	Dennis Herrmann and Malte Poll	July 2018
CVE-2018-12943	Cross Site Scripting (XSS)	SeedDMS	Dennis Herrmann and Malte Poll	July 2018
CVE-2018-12942	SQL Injection	SeedDMS	Dennis Herrmann and Malte Poll	July 2018
CVE-2018-12941	Remote Code Execution	SeedDMS	Dennis Herrmann and Malte Poll	July 2018
CVE-2018-12940	Unrestricted File Upload	SeedDMS	Dennis Herrmann and Malte Poll	July 2018
CVE-2018-12939	Directory Traversal	SeedDMS	Dennis Herrmann and Malte Poll	July 2018
CVE-2018-6493	SQL Injection	HP Network Automation	Tilman Bender, Dennis Herrmann and Bastian Kanbach	June 2018
CVE-2018-6492	Cross-Site Scripting (XSS)	HP Network Automation	Tilman Bender, Dennis Herrmann and Bastian Kanbach	June 2018
Hyperoptic ZTE home routers	Hardcoded account allows compromise of all Hyperoptic ZTE home routers	ZTE H298N and ZTE H298A	Dan Cater	April 2018
CVE-2017-9377	Command Injection Vulnerability on ClickShare Base Units	ClickShare Base Units	Claudio Moletta	September 2017
CVE-2017-8419	Multiple stack and heap corruptions from malicious file	Lame 3.99.5 MP3	Gareth Evans	May 2017
Mitel 17-0003	Multiple Vulnerabilities in MiVoice Conference/Video Phone (UC360)	Mitel UC360	Tom Moreton	February 2017
Mitel 17-0002	Privilege Escalation / Remote Code Execution Vulnerability in MiVoice Conference/Video Phone (UC360)	Mitel UC360	Tom Moreton	February 2017
CVE-2017-5669	Shmat syscall allows null-page protection bypass	Linux	Gareth Evans	January 2017
CVE-2016-7742	Opening a maliciously crafted archive may lead to arbitrary code execution	MacOS	Gareth Evans	December 2016
CVE-2016-7086	Local privileges escalation in VMware installer	VMware	Adam Bridge	September 2016
CVE-2016-7988	No Permissions on SET_WIFI Broadcast receiver	Android	Tom Court	August 2016
CVE-2016-7991	omacp app ignores security fields in OMA CP message	Android	Tom Court	August 2016
CVE-2016-7990	Integer overflow in libomacp.so	Android	Tom Court	August 2016
CVE-2016-7989	Unhandled ArrayIndexOutOfBounds exception in Android Runtime	Android	Tom Court	August 2016
CVE-2017-5384	Information disclosure via Proxy Auto-Config (PAC)	Firefox	Paul Stone, Alex Chapman	July 2016
CVE-2016-5134	URL leakage via PAC script	Chrome	Paul Stone, Alex Chapman	July 2016
CVE-2016-1801	Information disclosure vulnerability in Proxy Auto-Config	iOS/MacOS	Paul Stone, Alex Chapman	July 2016
CVE-2016-3763	Information disclosure vulnerability in Proxy Auto-Config	Android	Paul Stone, Alex Chapman	July 2016
CVE-2014-3524	Command injection when loading Calc spreadsheets under Windows	Calc	James Kettle, Rohan Durve	August 2014
CVE-2012-0161	.NET Framework Serialization Vulnerability	.Net	James Forshaw	May 2012
CVE-2012-0160	.NET Framework Serialization Vulnerability	.Net	James Forshaw	May 2012

Identifier

Description

Product

Author

Date

CVE-2018-18379

Cross Site Scripting (XSS)

Elementor LTD

Christopher Vella

October 2018

CVE-2018-12944

Persistent Cross-Site Scripting (XSS)

SeedDMS