Skip to main content
CVE-2018-5705 MEDIUM POC This Month

Reservo Image Hosting 1.6 is vulnerable to XSS attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Image Hosting
NVD Exploit-DB
CVSS 3.0
6.1
EPSS
1.5%
CVE-2018-6192 MEDIUM POC This Month

In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation and application crash) via a crafted pdf file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Mupdf Debian Linux
NVD
CVSS 3.0
5.5
EPSS
1.8%
CVE-2018-6191 MEDIUM POC This Month

The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Mujs
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
5.2%
CVE-2018-5759 MEDIUM POC This Month

jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary expressions, which allows remote attackers to cause a denial of service (excessive recursion) via a crafted. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Mujs
NVD Exploit-DB
CVSS 3.0
5.5
EPSS
5.1%
CVE-2018-6187 MEDIUM POC This Month

In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Buffer Overflow Mupdf Debian Linux
NVD
CVSS 3.0
5.5
EPSS
1.9%
CVE-2018-6190 MEDIUM POC This Month

Netis WF2419 V3.2.41381 devices allow XSS via the Description field on the MAC Filtering page. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Wf2419 Firmware
NVD Exploit-DB
CVSS 3.0
5.4
EPSS
1.6%
CVE-2018-6193 MEDIUM POC This Month

A Cross-Site Scripting (XSS) vulnerability was found in Routers2 2.24, affecting the 'rtr' GET parameter in a page=graph action to cgi-bin/routers2.pl. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

XSS Routers2
NVD GitHub Exploit-DB
CVSS 3.0
4.7
EPSS
2.1%
CVE-2018-1047 MEDIUM PATCH This Month

A flaw was found in Wildfly 9.x. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Path Traversal Jboss Wildfly Application Server Jboss Enterprise Application Platform
NVD
CVSS 3.0
5.5
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy