Skip to main content
CVE-2018-6789 CRITICAL POC KEV PATCH THREAT Act Now

An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Exim Debian Linux Ubuntu Linux
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
82.2%
CVE-2018-6180 CRITICAL POC Act Now

A flaw in the profile section of Online Voting System 1.0 allows an unauthenticated user to set an arbitrary password for other accounts. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Online Voting Platform
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
4.0%
CVE-2018-6836 CRITICAL POC PATCH Act Now

The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a free operation on an uninitialized memory address, which allows remote attackers to cause a denial of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Wireshark
NVD
CVSS 3.0
9.8
EPSS
2.8%
CVE-2018-0127 CRITICAL POC THREAT Act Now

A vulnerability in the web interface of Cisco RV132W ADSL2+ Wireless-N VPN Routers and Cisco RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to view configuration. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Rv132W Firmware Rv134W Firmware
NVD
CVSS 3.1
9.8
EPSS
77.6%
CVE-2018-1163 CRITICAL Act Now

This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Quest NetVault Backup 11.2.0.13. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Netvault Backup
NVD
CVSS 3.0
9.8
EPSS
16.3%
CVE-2018-1161 CRITICAL Act Now

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.2.0.13. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Netvault Backup
NVD
CVSS 3.0
9.8
EPSS
67.2%
CVE-2018-0514 CRITICAL Act Now

MP Form Mail CGI eCommerce Edition Ver 2.0.13 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Mp Form Mail Cgi
NVD
CVSS 3.0
9.8
EPSS
2.3%
CVE-2018-6835 CRITICAL PATCH Act Now

node/hooks/express/apicalls.js in Etherpad Lite before v1.6.3 mishandles JSONP, which allows remote attackers to bypass intended access restrictions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Etherpad
NVD GitHub
CVSS 3.0
9.8
EPSS
2.3%
CVE-2018-0125 CRITICAL KEV THREAT Act Now

A vulnerability in the web interface of the Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Cisco Rv132W Firmware Rv134W Firmware
NVD
CVSS 3.1
9.8
EPSS
55.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy