Skip to main content
CVE-2018-10191 CRITICAL POC PATCH Act Now

In versions of mruby up to and including 1.4.0, an integer overflow exists in src/vm.c::mrb_vm_exec() when handling OP_GETUPVAR in the presence of deep scope nesting, resulting in a use-after-free. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow RCE Mruby Debian Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
2.6%
CVE-2018-7539 CRITICAL POC Act Now

On Appear TV XC5000 and XC5100 devices with firmware 3.26.217, it is possible to read OS files with a specially crafted HTTP request (such as GET /../../../../../../../../../../../../etc/passwd) to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Xc5000 Firmware Xc5100 Firmware
NVD
CVSS 3.0
9.8
EPSS
4.3%
CVE-2018-10192 CRITICAL Act Now

IPVanish 3.0.11 for macOS suffers from a root privilege escalation vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation RCE Apple Ipvanish
NVD GitHub
CVSS 3.0
9.8
EPSS
2.4%
CVE-2018-6913 CRITICAL Act Now

Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Debian Linux Perl +1
NVD
CVSS 3.0
9.8
EPSS
10.9%
CVE-2018-6797 CRITICAL PATCH Act Now

An issue was discovered in Perl 5.18 through 5.26. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Debian Linux Perl Ubuntu Linux +2
NVD
CVSS 3.0
9.8
EPSS
6.6%
CVE-2018-5190 CRITICAL Act Now

PicturesPro Photo Cart 6 and 7 before Security-Patch-2018-B allows remote attackers to access arbitrary customer accounts via a modified cookie, related to pc_head.php, pc_login.php, and. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure PHP Picturespro
NVD
CVSS 3.0
9.8
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy