Skip to main content
CVE-2018-8964 MEDIUM POC This Month

In libming 0.4.8, the decompileDELETE function of decompile.c has a use-after-free. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Use After Free Libming
NVD GitHub
CVSS 3.0
6.5
EPSS
1.7%
CVE-2018-8963 MEDIUM POC This Month

In libming 0.4.8, the decompileGETVARIABLE function of decompile.c has a use-after-free. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Use After Free Libming
NVD GitHub
CVSS 3.0
6.5
EPSS
1.5%
CVE-2018-8962 MEDIUM POC This Month

In libming 0.4.8, the decompileSingleArgBuiltInFunctionCall function of decompile.c has a use-after-free. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Use After Free Libming
NVD GitHub
CVSS 3.0
6.5
EPSS
1.7%
CVE-2018-8961 MEDIUM POC This Month

In libming 0.4.8, the decompilePUSHPARAM function of decompile.c has a use-after-free. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Use After Free Libming
NVD GitHub
CVSS 3.0
6.5
EPSS
1.5%
CVE-2018-1000139 MEDIUM POC This Month

I, Librarian version 4.8 and earlier contains a Cross Site Scripting (XSS) vulnerability in "id" parameter in stable.php that can result in an attacker using the XSS to send a malicious script to an. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP I Librarian
NVD GitHub
CVSS 3.1
6.1
EPSS
0.9%
CVE-2018-8957 MEDIUM POC This Month

CoverCMS v1.1.6 has XSS via the fourth input box to index.php, related to admina/mconfigs.inc.php. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Covercms
NVD GitHub
CVSS 3.0
5.4
EPSS
0.8%
CVE-2018-8948 MEDIUM PATCH This Month

In MISP before 2.4.89, app/View/Events/resolved_attributes.ctp has multiple XSS issues via a malicious MISP module. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Misp
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-1429 MEDIUM PATCH This Month

IBM MQ Appliance 9.0.1, 9.0.2, 9.0.3, amd 9.0.4 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Amd XSS IBM Mq Appliance
NVD
CVSS 3.0
5.4
EPSS
1.1%
CVE-2018-8949 MEDIUM PATCH This Month

An issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure PHP Misp
NVD GitHub
CVSS 3.0
4.3
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy