Skip to main content
CVE-2018-8979 HIGH POC This Week

Open-AudIT Professional 2.1 has CSRF, as demonstrated by modifying a user account or inserting XSS sequences via the credentials URI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF XSS Open Audit
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
1.3%
CVE-2018-8817 HIGH POC This Week

Wampserver before 3.1.3 has CSRF in add_vhost.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Wampserver
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
3.3%
CVE-2018-9009 HIGH POC This Week

In libming 0.4.8, there is a use-after-free in the decompileJUMP function of the decompile.c file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Information Disclosure Use After Free Libming Debian Linux
NVD GitHub
CVSS 3.0
8.8
EPSS
1.9%
CVE-2018-9007 HIGH POC This Week

In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Advanced Systemcare Ultimate
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-9006 HIGH POC This Week

In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win7_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Advanced Systemcare Ultimate
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-9005 HIGH POC This Week

In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win7_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Advanced Systemcare Ultimate
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-9004 HIGH POC This Week

In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Advanced Systemcare Ultimate
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-9003 HIGH POC This Week

In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Advanced Systemcare Ultimate
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-9002 HIGH POC This Week

In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win7_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Advanced Systemcare Ultimate
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-9001 HIGH POC This Week

In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win7_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Advanced Systemcare Ultimate
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-9000 HIGH POC This Week

In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Advanced Systemcare Ultimate
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-8999 HIGH POC This Week

In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win7_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Advanced Systemcare Ultimate
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-8998 HIGH POC This Week

In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Advanced Systemcare Ultimate
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-8997 HIGH POC This Week

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Windows Optimization Master
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-8996 HIGH POC This Week

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Windows Optimization Master
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-8995 HIGH POC This Week

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Windows Optimization Master
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-8994 HIGH POC This Week

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Windows Optimization Master
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-8993 HIGH POC This Week

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Windows Optimization Master
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-8992 HIGH POC This Week

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Windows Optimization Master
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-8991 HIGH POC This Week

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Windows Optimization Master
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-8990 HIGH POC This Week

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Windows Optimization Master
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-8989 HIGH POC This Week

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Windows Optimization Master
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-8988 HIGH POC This Week

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Denial Of Service Windows Optimization Master
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-8947 HIGH POC PATCH THREAT This Week

rap2hpoutre Laravel Log Viewer before v0.13.0 relies on Base64 encoding for l, dl, and del requests, which makes it easier for remote attackers to bypass intended access restrictions, as demonstrated. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Laravel Log Viewer
NVD GitHub Exploit-DB
CVSS 3.0
7.5
EPSS
11.6%
CVE-2018-7719 HIGH POC THREAT This Week

Acrolinx Server before 5.2.5 on Windows allows Directory Traversal. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Microsoft Path Traversal Acrolinx Server
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
46.3%
CVE-2018-9010 HIGH POC This Week

Intelbras TELEFONE IP TIP200/200 LITE 60.0.75.29 devices allow remote authenticated admins to read arbitrary files via the /cgi-bin/cgiServer.exx page parameter, aka absolute path traversal. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Tip200 Firmware Tip200Lite Firmware
NVD Exploit-DB
CVSS 3.1
7.2
EPSS
9.8%
CVE-2018-9018 MEDIUM POC This Month

In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Graphicsmagick Debian Linux
NVD
CVSS 3.0
6.5
EPSS
3.2%
CVE-2018-8977 MEDIUM POC This Month

In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp allows remote attackers to cause a denial of service (invalid memory access) via a crafted file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Exiv2
NVD GitHub
CVSS 3.0
6.5
EPSS
2.2%
CVE-2018-8976 MEDIUM POC This Month

In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds read) via a crafted file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Denial Of Service Buffer Overflow Exiv2 Debian Linux +3
NVD GitHub
CVSS 3.1
6.5
EPSS
2.1%
CVE-2018-9016 MEDIUM POC This Month

dsmall v20180320 allows XSS via the main page search box at the public/index.php/home URI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Dsmall
NVD GitHub
CVSS 3.0
6.1
EPSS
0.7%
CVE-2018-8975 MEDIUM POC This Month

The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through 10.81.03 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, as. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Denial Of Service Buffer Overflow Netpbm
NVD GitHub
CVSS 3.0
5.5
EPSS
1.7%
CVE-2018-8978 MEDIUM POC This Month

Open-AudIT Professional 2.1 has XSS via a crafted src attribute of an IMG element within a URI. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Open Audit
NVD
CVSS 3.0
5.4
EPSS
0.5%
CVE-2018-9017 MEDIUM POC This Month

dsmall v20180320 allows XSS via the member search box at the public/index.php/home/membersnsfriend/findlist.html URI. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Dsmall
NVD GitHub
CVSS 3.0
5.4
EPSS
0.6%
CVE-2018-9015 MEDIUM POC This Month

dsmall v20180320 allows XSS via the public/index.php/home/predeposit/index.html pdr_sn parameter (aka the CMS search box). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Dsmall
NVD GitHub
CVSS 3.0
5.4
EPSS
0.6%
CVE-2018-9014 HIGH This Week

dsmall v20180320 allows physical path leakage via a public/index.php/home/predeposit/index.html?pdr_sn= request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure PHP Dsmall
NVD GitHub
CVSS 3.0
7.5
EPSS
1.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy