Skip to main content
CVE-2018-7466 HIGH POC PATCH This Week

install/installNewDB.php in TestLink through 1.9.16 allows remote attackers to conduct injection attacks by leveraging control over DB LOGIN NAMES data during installation to provide a long, crafted. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Public exploit code available.

Code Injection RCE PHP Testlink
NVD GitHub Exploit-DB
CVSS 3.0
7.5
EPSS
6.2%
CVE-2018-7470 MEDIUM POC This Month

An issue was discovered in ImageMagick 7.0.7-22 Q16. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Imagemagick
NVD GitHub
CVSS 3.0
6.5
EPSS
1.9%
CVE-2018-7480 HIGH PATCH This Week

The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double free) or possibly have unspecified other impact by. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Linux Linux Kernel Ubuntu Linux Debian Linux
NVD GitHub
CVSS 3.1
7.8
EPSS
0.4%
CVE-2018-7471 HIGH This Week

KingView 7.5SP1 has an integer overflow during stgopenstorage API read operations. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Kingview
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-7476 MEDIUM PATCH This Month

controllers/admin/Linkage.php in dayrui FineCms 5.3.0 has Cross Site Scripting (XSS) via the id or lid parameter in a c=linkage,m=import request to admin.php, because the xss_clean protection. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS PHP Finecms
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-7472 MEDIUM This Month

INVT Studio 1.2 allows remote attackers to cause a denial of service during import operations. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Studio
NVD
CVSS 3.0
5.5
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy