Skip to main content
CVE-2018-6593 HIGH POC This Week

An issue was discovered in MalwareFox AntiMalware 2.74.0.150. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antimalware
NVD GitHub Exploit-DB
CVSS 3.0
7.8
EPSS
1.1%
CVE-2018-6594 HIGH POC This Week

lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Pycrypto Debian Linux Ubuntu Linux
NVD GitHub
CVSS 3.0
7.5
EPSS
2.1%
CVE-2018-1185 MEDIUM POC PATCH This Month

An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available.

Command Injection Emc Recoverpoint Emc Recoverpoint For Virtual Machines
NVD Exploit-DB
CVSS 3.1
6.7
EPSS
6.3%
CVE-2018-6596 CRITICAL PATCH Act Now

webhooks/base.py in Anymail (aka django-anymail) before 1.2.1 is prone to a timing attack vulnerability on the WEBHOOK_AUTHORIZATION secret, which allows remote attackers to post arbitrary e-mail. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Python Django Anymail Debian Linux
NVD GitHub
CVSS 3.0
9.1
EPSS
2.7%
CVE-2018-1184 MEDIUM PATCH This Month

An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC RecoverPoint version 5.1.0.0, and EMC RecoverPoint versions prior to 5.0.1.3. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Emc Recoverpoint Emc Recoverpoint For Virtual Machines
NVD
CVSS 3.0
6.7
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy