Skip to main content
CVE-2018-7714 HIGH POC This Week

The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (pixels <= (1<<30)) may be. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Opencv
NVD GitHub
CVSS 3.0
7.5
EPSS
2.3%
CVE-2018-7713 HIGH POC This Week

The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (size.width <= (1<<20)) may. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Opencv
NVD GitHub
CVSS 3.0
7.5
EPSS
2.3%
CVE-2018-7712 HIGH POC This Week

The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (size.height <= (1<<20)) may. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Opencv
NVD GitHub
CVSS 3.1
7.5
EPSS
2.3%
CVE-2018-0491 HIGH POC PATCH THREAT This Week

A use-after-free issue was discovered in Tor 0.3.2.x before 0.3.2.10. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Denial Of Service Use After Free Tor
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
15.1%
CVE-2018-1000115 HIGH POC PATCH THREAT This Week

Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Memcached Ubuntu Linux Debian Linux Openstack
NVD GitHub Exploit-DB
CVSS 3.0
7.5
EPSS
88.4%
CVE-2018-7668 HIGH POC This Week

TestLink through 1.9.16 allows remote attackers to read arbitrary attachments via a modified ID field to /lib/attachments/attachmentdownload.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Testlink
NVD
CVSS 3.0
7.5
EPSS
1.5%
CVE-2018-7711 HIGH PATCH This Week

HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an attacker to get invalid signatures. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Jwt Attack Information Disclosure PHP Simplesamlphp Saml2 +1
NVD GitHub
CVSS 3.0
8.1
EPSS
1.2%
CVE-2018-7698 HIGH This Week

An issue was discovered in D-Link mydlink+ 3.8.5 build 259 for DCS-933L 1.05.04 and DCS-934L 1.05.04 devices. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure D-Link Mydlink
NVD
CVSS 3.0
8.1
EPSS
1.1%
CVE-2018-5453 HIGH PATCH This Week

An Improper Handling of Length Parameter Inconsistency issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Oncell G3110 Hspa Firmware Oncell G3110 Hspa T Firmware Oncell G3150 Hspa Firmware Oncell G3150 Hspa T Firmware
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2018-0490 HIGH This Week

An issue was discovered in Tor before 0.2.9.15, 0.3.1.x before 0.3.1.10, and 0.3.2.x before 0.3.2.10. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Tor Debian Linux
NVD
CVSS 3.0
7.5
EPSS
2.7%
CVE-2018-7644 HIGH PATCH This Week

The XmlSecLibs library as used in the saml2 library in SimpleSAMLphp before 1.15.3 incorrectly verifies signatures on SAML assertions, allowing a remote attacker to construct a crafted SAML assertion. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Jwt Attack Simplesamlphp
NVD
CVSS 3.0
7.5
EPSS
1.3%
CVE-2018-1316 HIGH PATCH This Week

The ODE process deployment web service was sensible to deployment messages with forged names. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Path Traversal Ode
NVD
CVSS 3.0
7.5
EPSS
3.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy