Skip to main content
CVE-2018-6484 MEDIUM POC This Month

In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the __zzip_fetch_disk_trailer function of zzip/zip.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Zziplib Ubuntu Linux
NVD GitHub
CVSS 3.0
6.5
EPSS
2.2%
CVE-2018-0511 MEDIUM PATCH This Month

Cross-site scripting vulnerability in WP Retina 2x prior to version 5.2.2 allows an attacker to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Wp Retina 2X
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-0508 MEDIUM This Month

Cross-site scripting vulnerability in epg search result viewer (kkcald) 0.7.21 and earlier allows an attacker to inject arbitrary web script or HTML via unspecified vectors. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Kkcald
NVD
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-6470 MEDIUM This Month

Nibbleblog 4.0.5 on macOS defaults to having .DS_Store in each directory, causing DS_Store information to leak. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple Nibbleblog
NVD GitHub
CVSS 3.0
5.3
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy