Skip to main content
CVE-2017-1000486 CRITICAL POC KEV PATCH THREAT Act Now

Primetek PrimeFaces 5.x uses weak encryption for ViewState parameters, allowing unauthenticated remote code execution through crafted serialized Java objects sent via the ViewState mechanism.

NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
93.7%
Threat
9.8
CVE-2018-5088 HIGH POC This Week

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5087 HIGH POC This Week

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5086 HIGH POC This Week

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5085 HIGH POC This Week

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5084 HIGH POC This Week

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5083 HIGH POC This Week

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5082 HIGH POC This Week

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5081 HIGH POC This Week

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5080 HIGH POC This Week

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5079 HIGH POC This Week

In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Antivirus
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5073 MEDIUM POC This Month

Online Ticket Booking has CSRF via admin/movieedit.php. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Advanced Real Estate Script
NVD GitHub
CVSS 3.0
6.8
EPSS
0.4%
CVE-2018-4868 MEDIUM POC This Month

The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Exiv2
NVD GitHub
CVSS 3.0
5.5
EPSS
1.5%
CVE-2018-5078 MEDIUM POC This Month

Online Ticket Booking has XSS via the admin/eventlist.php cast parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Advanced Real Estate Script
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-5077 MEDIUM POC This Month

Online Ticket Booking has XSS via the admin/movieedit.php moviename parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Advanced Real Estate Script
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-5076 MEDIUM POC This Month

Online Ticket Booking has XSS via the admin/newsedit.php newstitle parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Advanced Real Estate Script
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-5075 MEDIUM POC This Month

Online Ticket Booking has XSS via the admin/snacks_edit.php snacks_name parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Advanced Real Estate Script
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-5074 MEDIUM POC This Month

Online Ticket Booking has XSS via the admin/manageownerlist.php contact parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Advanced Real Estate Script
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-5072 MEDIUM POC This Month

Online Ticket Booking has XSS via the admin/sitesettings.php keyword parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Advanced Real Estate Script
NVD GitHub
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-4862 HIGH This Week

In Octopus Deploy versions 3.2.11 - 4.1.5 (fixed in 4.1.6), an authenticated user with ProcessEdit permission could reference an Azure account in such a way as to bypass the scoping restrictions,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Octopus Deploy
NVD GitHub
CVSS 3.0
8.8
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy