Skip to main content
CVE-2018-7547 MEDIUM POC This Month

lyadmin 1.x has XSS via the config[WEB_SITE_TITLE] parameter to the /admin.php?s=/admin/config/groupsave.html URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Lyadmin
NVD GitHub
CVSS 3.1
4.8
EPSS
0.5%
CVE-2018-7542 MEDIUM This Month

An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Xen Debian Linux
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2018-7540 MEDIUM This Month

An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Xen Debian Linux
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2018-6534 MEDIUM This Month

An issue was discovered in Icinga 2.x through 2.8.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Icinga
NVD GitHub
CVSS 3.0
6.5
EPSS
1.1%
CVE-2018-0489 MEDIUM PATCH This Month

Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Microsoft Jwt Attack Information Disclosure Xmltooling C Debian Linux +1
NVD
CVSS 3.0
6.5
EPSS
2.1%
CVE-2018-4914 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.4%
CVE-2018-4912 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.0%
CVE-2018-4909 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.0%
CVE-2018-4908 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.0%
CVE-2018-4907 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.0%
CVE-2018-4906 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
21.6%
CVE-2018-4905 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.4%
CVE-2018-4903 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
22.4%
CVE-2018-4900 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.0%
CVE-2018-4899 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.0%
CVE-2018-4897 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.0%
CVE-2018-4896 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.0%
CVE-2018-4894 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.0%
CVE-2018-4893 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.0%
CVE-2018-4891 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.0%
CVE-2018-4889 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.0%
CVE-2018-4887 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.0%
CVE-2018-4886 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.0%
CVE-2018-4885 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.4%
CVE-2018-4884 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.4%
CVE-2018-4883 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.0%
CVE-2018-4882 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.0%
CVE-2018-4881 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.0%
CVE-2018-4880 MEDIUM This Month

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe Information Disclosure Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
6.5
EPSS
11.0%
CVE-2018-1416 MEDIUM PATCH This Month

IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Websphere Portal
NVD
CVSS 3.0
6.1
EPSS
1.3%
CVE-2018-4876 MEDIUM PATCH This Month

Adobe Experience Manager versions 6.3, 6.2, and 6.1 are vulnerable to cross-site scripting via a bypass of the Sling XSSAPI#getValidHref function. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Adobe Experience Manager
NVD
CVSS 3.0
6.1
EPSS
3.9%
CVE-2018-4875 MEDIUM PATCH This Month

Adobe Experience Manager versions 6.1 and 6.0 are vulnerable to a reflected cross-site scripting vulnerability related to the handling of malicious content embedded in image files uploaded to the DAM. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Adobe Experience Manager
NVD
CVSS 3.0
6.1
EPSS
2.9%
CVE-2018-1425 MEDIUM This Month

IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

IBM Information Disclosure Security Guardium Big Data Intelligence
NVD
CVSS 3.0
5.9
EPSS
1.1%
CVE-2018-1399 MEDIUM PATCH This Month

IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5 and 5.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Daeja Viewone
NVD
CVSS 3.0
5.4
EPSS
0.9%
CVE-2018-7172 MEDIUM PATCH This Month

In index.php in WonderCMS before 2.4.1, remote attackers can delete arbitrary files via directory traversal. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal PHP Wondercms
NVD GitHub
CVSS 3.0
4.9
EPSS
2.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy