Skip to main content
CVE-2018-6289 CRITICAL POC Act Now

Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Secure Mail Gateway
NVD
CVSS 3.0
9.8
EPSS
6.7%
CVE-2018-4877 CRITICAL Act Now

A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Use After Free Flash Player +3
NVD
CVSS 3.0
9.8
EPSS
8.5%
CVE-2018-6758 CRITICAL PATCH Act Now

The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Uwsgi
NVD GitHub
CVSS 3.0
9.8
EPSS
2.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy