Skip to main content
CVE-2018-7219 HIGH POC This Week

application/admin/controller/Admin.php in NoneCms 1.3.0 has CSRF, as demonstrated by changing an admin password or adding an account via a public/index.php/admin/admin/edit.html request. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Nonecms
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2018-7254 HIGH POC PATCH This Week

The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Buffer Overflow Wavpack Debian Linux
NVD GitHub Exploit-DB
CVSS 3.0
7.8
EPSS
9.9%
CVE-2018-7253 HIGH POC PATCH This Week

The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (heap-based buffer over-read) or possibly overwrite the heap via a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Buffer Overflow Wavpack Debian Linux Ubuntu Linux
NVD GitHub
CVSS 3.0
7.8
EPSS
2.9%
CVE-2018-6592 HIGH This Week

Unisys Stealth 3.3 Windows endpoints before 3.3.016.1 allow local users to gain access to Stealth-enabled devices by leveraging improper cleanup of memory used for negotiation key storage. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Information Disclosure Stealth
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-1411 HIGH This Week

IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Notes Client Application Access
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-1410 HIGH This Week

IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Notes Client Application Access
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-1409 HIGH This Week

IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Information Disclosure Notes Client Application Access
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-5381 HIGH This Week

The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_parse function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Quagga Ubuntu Linux Debian Linux Ruggedcom Rox Ii Firmware
NVD
CVSS 3.0
7.5
EPSS
30.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy