Skip to main content
CVE-2018-6609 CRITICAL POC Act Now

SQL Injection exists in the JSP Tickets 1.1 component for Joomla!. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Jsp Tickets
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
2.7%
CVE-2018-6605 CRITICAL POC THREAT Act Now

SQL Injection exists in the Zh BaiduMap 3.0.0.1 component for Joomla!. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Zh Baidumap
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
58.3%
CVE-2018-6604 CRITICAL POC Act Now

SQL Injection exists in the Zh YandexMap 6.2.1.0 component for Joomla!. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Zh Yandexmap
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
2.7%
CVE-2018-6582 CRITICAL POC Act Now

SQL Injection exists in the Zh GoogleMap 8.4.0.0 component for Joomla!. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Zh Googlemap
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
2.8%
CVE-2018-6633 HIGH POC This Week

In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Proactive Defense
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6632 HIGH POC This Week

In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Proactive Defense
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6631 HIGH POC This Week

In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110009.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Proactive Defense
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6630 HIGH POC This Week

In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Proactive Defense
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6629 HIGH POC This Week

In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Proactive Defense
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6628 HIGH POC This Week

In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Proactive Defense
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6627 HIGH POC This Week

In WatchDog Anti-Malware 2.74.186.150, the driver file (ZAMGUARD32.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Anti Malware
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6626 HIGH POC This Week

In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Proactive Defense
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6625 HIGH POC This Week

In WatchDog Anti-Malware 2.74.186.150, the driver file (ZAMGUARD32.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Anti Malware
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-6461 HIGH POC This Week

March Hare WINCVS before 2.8.01 build 6610, and CVS Suite before 2009R2 build 6610, contains an Insecure Library Loading vulnerability in the wincvs2.exe or wincvs.exe file, which may allow local. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Python Wincvs
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2018-6610 HIGH POC This Week

Information Leakage exists in the jLike 1.0 component for Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Jlike
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
8.1%
CVE-2018-6624 CRITICAL Act Now

OMRON NS devices 1.1 through 1.3 allow remote attackers to bypass authentication via a direct request to the .html file for a specific screen, as demonstrated by monitor.html. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Ns Series Firmware
NVD
CVSS 3.0
9.8
EPSS
1.7%
CVE-2018-5442 CRITICAL Act Now

A Stack-based Buffer Overflow issue was discovered in Fuji Electric V-Server VPR 4.0.1.0 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow V Server Vpr Firmware
NVD
CVSS 3.1
9.8
EPSS
3.8%
CVE-2018-6651 HIGH PATCH This Week

In the uncurl_ws_accept function in uncurl.c in uncurl before 0.07, as used in Parsec before 140-3, insufficient Origin header validation (accepting an arbitrary substring match) for WebSocket API. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Uncurl Parsec
NVD GitHub
CVSS 3.0
8.8
EPSS
2.2%
CVE-2018-6635 HIGH This Week

System Manager in Avaya Aura before 7.1.2 does not properly use SSL in conjunction with authentication, which allows remote attackers to bypass intended Remote Method Invocation (RMI) restrictions,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Aura
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2018-5797 HIGH This Week

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. Rated high severity (CVSS 7.5), this vulnerability is no authentication required. No vendor patch available.

Authentication Bypass Extremewireless Wing
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2018-5789 HIGH This Week

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service XXE Wing
NVD
CVSS 3.0
7.5
EPSS
1.1%
CVE-2018-5788 HIGH This Week

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Wing
NVD
CVSS 3.0
7.5
EPSS
1.3%
CVE-2018-5787 HIGH This Week

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Extremewireless Wing
NVD
CVSS 3.0
7.5
EPSS
1.3%
CVE-2018-6188 HIGH PATCH This Week

django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Python Django Ubuntu Linux
NVD
CVSS 3.0
7.5
EPSS
4.9%
CVE-2018-5796 HIGH This Week

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Wing
NVD
CVSS 3.0
7.2
EPSS
1.4%
CVE-2018-6621 MEDIUM PATCH This Month

The decode_frame function in libavcodec/utvideodec.c in FFmpeg through 3.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Denial Of Service Buffer Overflow Ffmpeg Debian Linux
NVD GitHub
CVSS 3.1
6.5
EPSS
2.2%
CVE-2018-5793 MEDIUM This Month

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Memory Corruption Buffer Overflow Wing
NVD
CVSS 3.0
5.9
EPSS
0.9%
CVE-2018-5792 MEDIUM This Month

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Memory Corruption Buffer Overflow Wing
NVD
CVSS 3.0
5.9
EPSS
0.9%
CVE-2018-5791 MEDIUM This Month

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Memory Corruption Buffer Overflow Wing
NVD
CVSS 3.0
5.9
EPSS
0.9%
CVE-2018-5794 MEDIUM This Month

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wing
NVD
CVSS 3.0
5.3
EPSS
0.8%
CVE-2018-5790 MEDIUM This Month

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Denial Of Service Buffer Overflow Wing
NVD
CVSS 3.0
5.3
EPSS
0.4%
CVE-2018-5795 MEDIUM This Month

An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Wing
NVD
CVSS 3.0
4.9
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy