Skip to main content
CVE-2018-7634 HIGH POC PATCH This Week

An issue was discovered in Enalean Tuleap 9.17. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Tuleap
NVD GitHub
CVSS 3.0
8.8
EPSS
0.8%
CVE-2018-7589 HIGH POC This Week

An issue was discovered in CImg v.220. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Cimg
NVD GitHub
CVSS 3.0
7.8
EPSS
1.3%
CVE-2018-7588 HIGH POC This Week

An issue was discovered in CImg v.220. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Cimg
NVD GitHub
CVSS 3.0
7.8
EPSS
1.3%
CVE-2018-7587 HIGH POC This Week

An issue was discovered in CImg v.220. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Cimg
NVD GitHub
CVSS 3.0
7.8
EPSS
1.1%
CVE-2018-7579 HIGH POC This Week

\application\admin\controller\update_urls.class.php in YzmCMS 3.6 has SQL Injection via the catids array parameter to admin/update_urls/update_category_url.html. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Yzmcms
NVD
CVSS 3.0
7.2
EPSS
1.0%
CVE-2018-7590 HIGH This Week

CSRF exists in Hoosk 1.7.0 via /admin/users/new/add, resulting in account creation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Hoosk
NVD GitHub
CVSS 3.0
8.8
EPSS
0.6%
CVE-2018-7550 HIGH PATCH This Week

The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure RCE Buffer Overflow Qemu Debian Linux +7
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2018-2367 HIGH This Week

ABAP File Interface in, SAP BASIS, from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker to exploit insufficient validation of path information provided by. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Path Traversal Business Application Software Integrated Solution
NVD
CVSS 3.0
8.8
EPSS
1.9%
CVE-2018-7586 HIGH This Week

In the nextgen-gallery plugin before 2.2.50 for WordPress, gallery paths are not secured. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Path Traversal Nextgen Gallery
NVD
CVSS 3.0
7.5
EPSS
2.1%
CVE-2018-7048 HIGH This Week

An issue was discovered in Wowza Streaming Engine before 4.7.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Streaming Engine
NVD
CVSS 3.0
7.5
EPSS
1.5%
CVE-2018-5314 HIGH This Week

Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13; and the NetScaler Load Balancing instance. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Citrix Command Injection Netscaler Application Delivery Controller Netscaler Gateway +1
NVD
CVSS 3.0
7.5
EPSS
2.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy