Skip to main content
CVE-2018-6889 HIGH POC This Week

An issue was discovered in Typesetter 5.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection RCE Typesetter
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
6.8%
CVE-2018-6860 HIGH POC This Week

Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script 2.0.2 via a profile picture. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE PHP Schools Alert Management Script
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
2.5%
CVE-2018-6888 HIGH POC This Week

An issue was discovered in Typesetter 5.1. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Typesetter
NVD Exploit-DB
CVSS 3.0
8.0
EPSS
2.0%
CVE-2018-6927 HIGH PATCH This Week

The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Integer Overflow Denial Of Service Linux Linux Kernel Ubuntu Linux +8
NVD GitHub
CVSS 3.0
7.8
EPSS
0.7%
CVE-2018-6926 HIGH PATCH This Week

In app/Controller/ServersController.php in MISP 2.4.87, a server setting permitted the override of a path variable on certain Red Hed Enterprise Linux and CentOS systems (where rh_shell_fix was. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection PHP Misp
NVD GitHub VulDB
CVSS 3.0
7.2
EPSS
1.7%
CVE-2018-1214 HIGH This Week

Dell EMC SupportAssist Enterprise version 1.1 creates a local Windows user account named "OMEAdapterUser" with a default password as part of the installation process. Rated high severity (CVSS 7.0). No vendor patch available.

Authentication Bypass Microsoft Dell Emc Supportassist Enterprise
NVD
CVSS 3.0
7.0
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy