Skip to main content
CVE-2018-7439 HIGH POC This Week

An issue was discovered in FreeXL before 1.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Freexl Debian Linux
NVD
CVSS 3.0
8.8
EPSS
2.2%
CVE-2018-7438 HIGH POC This Week

An issue was discovered in FreeXL before 1.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Freexl Debian Linux
NVD
CVSS 3.0
8.8
EPSS
2.1%
CVE-2018-7437 HIGH POC This Week

An issue was discovered in FreeXL before 1.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Freexl Debian Linux
NVD
CVSS 3.0
8.8
EPSS
2.1%
CVE-2018-7436 HIGH POC This Week

An issue was discovered in FreeXL before 1.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Freexl Debian Linux
NVD
CVSS 3.0
8.8
EPSS
2.2%
CVE-2018-7435 HIGH POC This Week

An issue was discovered in FreeXL before 1.0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Freexl Debian Linux
NVD
CVSS 3.0
8.8
EPSS
2.2%
CVE-2018-7421 HIGH POC This Week

In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector could go into an infinite loop. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 3.1
7.5
EPSS
1.7%
CVE-2018-7327 HIGH POC This Week

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-openflow_v6.c had an infinite loop that was addressed by validating property lengths. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
2.2%
CVE-2018-7326 HIGH POC This Week

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-lltd.c had an infinite loop that was addressed by using a correct integer data type. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
2.2%
CVE-2018-0520 HIGH This Week

Cross-site request forgery (CSRF) vulnerability in FS010W firmware FS010W_00_V1.3.0 and earlier allows an attacker to hijack the authentication of administrators via unspecified vectors. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Fs010W Firmware
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2018-7339 HIGH This Week

The MP4Atom class in mp4atom.cpp in MP4v2 through 2.0.0 mishandles Entry Number validation for the MP4 Table Property, which allows remote attackers to cause a denial of service (overflow,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Mp4V2
NVD GitHub
CVSS 3.0
8.8
EPSS
1.4%
CVE-2018-6764 HIGH PATCH This Week

util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Libvirt Debian Linux Virtualization Enterprise Linux Desktop +3
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-7420 HIGH This Week

In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the pcapng file parser could crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.7%
CVE-2018-7419 HIGH This Week

In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the NBAP dissector could crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.7%
CVE-2018-7418 HIGH This Week

In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.7%
CVE-2018-7417 HIGH This Week

In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the IPMI dissector could crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.6%
CVE-2018-7337 HIGH This Week

In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.7%
CVE-2018-7336 HIGH This Week

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol dissector could crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.7%
CVE-2018-7335 HIGH This Week

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE 802.11 dissector could crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.7%
CVE-2018-7334 HIGH This Week

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC dissector could crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.7%
CVE-2018-7333 HIGH This Week

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpcrdma.c had an infinite loop that was addressed by validating a chunk size. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
2.2%
CVE-2018-7332 HIGH This Week

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-reload.c had an infinite loop that was addressed by validating a length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.4%
CVE-2018-7331 HIGH This Week

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-ber.c had an infinite loop that was addressed by validating a length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.4%
CVE-2018-7330 HIGH This Week

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thread.c had an infinite loop that was addressed by using a correct integer data type. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
2.2%
CVE-2018-7329 HIGH This Week

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-s7comm.c had an infinite loop that was addressed by correcting off-by-one errors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
2.2%
CVE-2018-7328 HIGH This Week

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-usb.c had an infinite loop that was addressed by rejecting short frame header lengths. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark
NVD
CVSS 3.0
7.5
EPSS
2.2%
CVE-2018-7325 HIGH This Week

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpki-rtr.c had an infinite loop that was addressed by validating a length field. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.4%
CVE-2018-7324 HIGH This Week

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-sccp.c had an infinite loop that was addressed by using a correct integer data type. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.4%
CVE-2018-7323 HIGH This Week

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-wccp.c had a large loop that was addressed by ensuring that a calculated length was monotonically increasing. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.5%
CVE-2018-7322 HIGH This Week

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-dcm.c had an infinite loop that was addressed by checking for integer wraparound. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.5%
CVE-2018-7321 HIGH This Week

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c had a large loop that was addressed by not proceeding with dissection after encountering an unexpected type. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wireshark
NVD
CVSS 3.0
7.5
EPSS
1.7%
CVE-2018-7320 HIGH This Week

In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol dissector could crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.7%
CVE-2018-7441 HIGH This Week

Leptonica through 1.75.3 uses hardcoded /tmp pathnames, which might allow local users to overwrite arbitrary files or have unspecified other impact by creating files in advance or winning a race. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition RCE Leptonica
NVD
CVSS 3.0
7.0
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy