Skip to main content
CVE-2018-7251 CRITICAL POC PATCH THREAT Act Now

An issue was discovered in config/error.php in Anchor 0.12.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Anchor
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
72.3%
CVE-2018-7225 CRITICAL POC Act Now

An issue was discovered in LibVNCServer through 0.9.11. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Information Disclosure Libvncserver Debian Linux Ubuntu Linux +6
NVD GitHub
CVSS 3.0
9.8
EPSS
6.2%
CVE-2018-7219 HIGH POC This Week

application/admin/controller/Admin.php in NoneCms 1.3.0 has CSRF, as demonstrated by changing an admin password or adding an account via a public/index.php/admin/admin/edit.html request. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Nonecms
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2018-7254 HIGH POC PATCH This Week

The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Buffer Overflow Wavpack Debian Linux
NVD GitHub Exploit-DB
CVSS 3.0
7.8
EPSS
9.9%
CVE-2018-7253 HIGH POC PATCH This Week

The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (heap-based buffer over-read) or possibly overwrite the heap via a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Buffer Overflow Wavpack Debian Linux Ubuntu Linux
NVD GitHub
CVSS 3.0
7.8
EPSS
2.9%
CVE-2018-7247 CRITICAL Act Now

An issue was discovered in pixHtmlViewer in prog/htmlviewer.c in Leptonica before 1.75.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Leptonica
NVD GitHub
CVSS 3.0
9.8
EPSS
2.5%
CVE-2018-5475 CRITICAL PATCH Act Now

A Stack-based Buffer Overflow issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Stack Overflow D60 Line Distance Relay Firmware
NVD
CVSS 3.1
9.8
EPSS
3.8%
CVE-2018-5473 CRITICAL Act Now

An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow D60 Line Distance Relay Firmware
NVD
CVSS 3.1
9.8
EPSS
5.9%
CVE-2018-5439 CRITICAL Act Now

A Command Injection issue was discovered in Nortek Linear eMerge E3 series Versions V0.32-07e and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection Emerge E3 Firmware
NVD
CVSS 3.0
9.8
EPSS
4.2%
CVE-2018-7226 CRITICAL PATCH Act Now

An issue was discovered in vcSetXCutTextProc() in VNConsole.c in LinuxVNC and VNCommand from the LibVNC/vncterm distribution through 0.9.10. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Vncterm
NVD GitHub
CVSS 3.0
9.8
EPSS
2.3%
CVE-2018-5379 CRITICAL Act Now

The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Quagga Debian Linux Ubuntu Linux +6
NVD
CVSS 3.0
9.8
EPSS
39.0%
CVE-2018-6592 HIGH This Week

Unisys Stealth 3.3 Windows endpoints before 3.3.016.1 allow local users to gain access to Stealth-enabled devices by leveraging improper cleanup of memory used for negotiation key storage. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Stealth
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-1411 HIGH This Week

IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Notes Client Application Access
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-1410 HIGH This Week

IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Notes Client Application Access
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-1409 HIGH This Week

IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Notes Client Application Access
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5381 HIGH This Week

The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_parse function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Quagga Ubuntu Linux Debian Linux Ruggedcom Rox Ii Firmware
NVD
CVSS 3.0
7.5
EPSS
30.7%
CVE-2018-5763 MEDIUM This Month

An issue was discovered in OXID eShop Enterprise Edition before 5.3.7 and 6.x before 6.0.1. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Eshop
NVD
CVSS 3.0
5.9
EPSS
1.1%
CVE-2018-5378 MEDIUM This Month

The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow Quagga Debian Linux Ubuntu Linux
NVD
CVSS 3.0
5.9
EPSS
74.6%
CVE-2018-6591 MEDIUM PATCH This Month

Converse.js and Inverse.js through 3.3 allow remote attackers to obtain sensitive information because it is too difficult to determine whether safe publication of private data was configured or even. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Converse Js
NVD
CVSS 3.0
5.3
EPSS
1.1%
CVE-2018-5380 MEDIUM This Month

The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Quagga Debian Linux Ubuntu Linux +1
NVD
CVSS 3.0
4.3
EPSS
15.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy