Skip to main content
CVE-2018-7251 CRITICAL POC PATCH THREAT Act Now

An issue was discovered in config/error.php in Anchor 0.12.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Anchor
NVD GitHub Exploit-DB
CVSS 3.0
9.8
EPSS
72.3%
CVE-2018-7225 CRITICAL POC Act Now

An issue was discovered in LibVNCServer through 0.9.11. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Information Disclosure Libvncserver Debian Linux Ubuntu Linux +6
NVD GitHub
CVSS 3.0
9.8
EPSS
6.2%
CVE-2018-7247 CRITICAL Act Now

An issue was discovered in pixHtmlViewer in prog/htmlviewer.c in Leptonica before 1.75.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Leptonica
NVD GitHub
CVSS 3.0
9.8
EPSS
2.5%
CVE-2018-5475 CRITICAL PATCH Act Now

A Stack-based Buffer Overflow issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Buffer Overflow Stack Overflow D60 Line Distance Relay Firmware
NVD
CVSS 3.1
9.8
EPSS
3.8%
CVE-2018-5473 CRITICAL Act Now

An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow D60 Line Distance Relay Firmware
NVD
CVSS 3.1
9.8
EPSS
5.9%
CVE-2018-5439 CRITICAL Act Now

A Command Injection issue was discovered in Nortek Linear eMerge E3 series Versions V0.32-07e and prior. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Command Injection Emerge E3 Firmware
NVD
CVSS 3.0
9.8
EPSS
4.2%
CVE-2018-7226 CRITICAL PATCH Act Now

An issue was discovered in vcSetXCutTextProc() in VNConsole.c in LinuxVNC and VNCommand from the LibVNC/vncterm distribution through 0.9.10. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Vncterm
NVD GitHub
CVSS 3.0
9.8
EPSS
2.3%
CVE-2018-5379 CRITICAL Act Now

The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Quagga Debian Linux Ubuntu Linux +6
NVD
CVSS 3.0
9.8
EPSS
39.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy