Skip to main content
CVE-2018-1230 HIGH This Week

Pivotal Spring Batch Admin, all versions, does not contain cross site request forgery protection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Java CSRF Spring Batch Admin
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2018-1345 HIGH This Week

NetIQ iManager, versions prior to 3.1, under some circumstances could be susceptible to an elevation of privilege attack. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Imanager
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2018-1344 HIGH This Week

Addresses potential communication downgrade attack in NetIQ iManager versions prior to 3.1. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Imanager
NVD
CVSS 3.0
8.6
EPSS
0.9%
CVE-2018-8074 HIGH PATCH This Week

Yii 2.x before 2.0.15 allows remote attackers to inject unintended search conditions via a variant of the CVE-2018-7269 attack in conjunction with the Elasticsearch extension. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Elastic Code Injection RCE Yii
NVD
CVSS 3.0
8.1
EPSS
1.5%
CVE-2018-3710 HIGH This Week

Gitlab Community and Enterprise Editions version 10.3.3 is vulnerable to an Insecure Temporary File in the project import component resulting remote code execution. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Gitlab RCE Debian Linux
NVD
CVSS 3.1
7.8
EPSS
2.9%
CVE-2018-1346 HIGH This Week

Addresses denial of service attack to eDirectory versions prior to 9.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Edirectory
NVD
CVSS 3.0
7.5
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy