Skip to main content
CVE-2018-5331 MEDIUM POC This Month

Discuz!. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Discuzx
NVD
CVSS 3.0
5.4
EPSS
0.6%
CVE-2018-0014 MEDIUM This Month

Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Juniper Screenos
NVD
CVSS 3.0
6.5
EPSS
0.6%
CVE-2018-0013 MEDIUM PATCH This Month

A local file inclusion vulnerability in Juniper Networks Junos Space Network Management Platform may allow an authenticated user to retrieve files from the system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Juniper Junos Space
NVD
CVSS 3.0
6.5
EPSS
1.2%
CVE-2018-0010 MEDIUM PATCH This Month

A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Juniper Junos Space
NVD
CVSS 3.0
6.5
EPSS
0.6%
CVE-2018-0004 MEDIUM This Month

A sustained sequence of different types of normal transit traffic can trigger a high CPU consumption denial of service condition in the Junos OS register and schedule software interrupt handler. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Juniper Junos
NVD
CVSS 3.0
6.5
EPSS
1.2%
CVE-2018-0003 MEDIUM PATCH This Month

A specially crafted MPLS packet received or processed by the system, on an interface configured with MPLS, will store information in the system memory. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Juniper Junos
NVD
CVSS 3.0
6.5
EPSS
0.9%
CVE-2018-0819 MEDIUM PATCH This Month

Microsoft Office 2016 for Mac allows an attacker to send a specially crafted email attachment to a user in an attempt to launch a social engineering attack, such as phishing, due to how Outlook for. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Information Disclosure Office
NVD
CVSS 3.0
6.5
EPSS
5.7%
CVE-2018-0785 MEDIUM PATCH This Month

ASP.NET Core 1.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Asp Net Core
NVD
CVSS 3.0
6.5
EPSS
3.0%
CVE-2018-0008 MEDIUM This Month

An unauthenticated root login may allow upon reboot when a commit script is used. Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Juniper Junos
NVD
CVSS 3.0
6.2
EPSS
0.5%
CVE-2018-0799 MEDIUM PATCH This Month

Microsoft Access in Microsoft SharePoint Enterprise Server 2013 and Microsoft SharePoint Enterprise Server 2016 allows a cross-site-scripting (XSS) vulnerability due to the way image field values are. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Sharepoint Enterprise Server
NVD
CVSS 3.0
6.1
EPSS
3.6%
CVE-2018-0009 MEDIUM PATCH This Month

On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Juniper Junos
NVD
CVSS 3.0
5.9
EPSS
1.3%
CVE-2018-0002 MEDIUM PATCH This Month

On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in memory corruption leading to a flowd daemon. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Denial Of Service Buffer Overflow Juniper Junos
NVD
CVSS 3.0
5.9
EPSS
1.5%
CVE-2018-0011 MEDIUM PATCH This Month

A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Information Disclosure Juniper Junos Space
NVD
CVSS 3.0
5.4
EPSS
0.8%
CVE-2018-0006 MEDIUM PATCH This Month

A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Juniper Junos
NVD
CVSS 3.0
5.3
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy