Skip to main content
CVE-2018-6224 HIGH POC PATCH This Week

A lack of cross-site request forgery (CSRF) protection vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to submit authenticated requests to a user browsing an. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Trend Micro Email Encryption Gateway
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
2.2%
CVE-2018-8717 HIGH POC This Week

{pre}manager request. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Joyplus Cms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.7%
CVE-2018-6221 HIGH POC PATCH This Week

An unvalidated software update vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a man-in-the-middle attacker to tamper with an update file and inject their own. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Code Injection Trend Micro Email Encryption Gateway
NVD Exploit-DB
CVSS 3.0
8.1
EPSS
6.4%
CVE-2018-8715 HIGH POC PATCH THREAT This Week

The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Authentication Bypass Appweb
NVD GitHub
CVSS 3.0
8.1
EPSS
19.9%
CVE-2018-7705 HIGH POC This Week

Directory traversal vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote authenticated users to read e-mail messages to arbitrary recipients via a .. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Securmail
NVD Exploit-DB
CVSS 3.0
8.1
EPSS
6.3%
CVE-2018-6222 HIGH POC PATCH This Week

Arbitrary logs location in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to change location of log files and be manipulated to execute arbitrary commands and attain command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Trend Micro Command Injection Email Encryption Gateway
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
1.3%
CVE-2018-7886 HIGH POC This Week

An issue was discovered in CloudMe 1.11.0. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

RCE Buffer Overflow Sync
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
2.1%
CVE-2018-8045 HIGH This Week

In Joomla!. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Joomla
NVD
CVSS 3.0
8.8
EPSS
29.2%
CVE-2018-5476 HIGH This Week

A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial Automation DOPSoft, Version 4.00.01 or prior. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Delta Industrial Automation Dopsoft
NVD
CVSS 3.1
7.8
EPSS
1.7%
CVE-2018-8076 HIGH This Week

ZenMate 1.5.4 for macOS suffers from a type confusion vulnerability within the com.zenmate.chron-xpc LaunchDaemon component. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Zenmate
NVD GitHub
CVSS 3.0
7.5
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy