Skip to main content
CVE-2018-9845 CRITICAL POC PATCH THREAT Act Now

Etherpad Lite before 1.6.4 is exploitable for admin access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Etherpad Lite
NVD GitHub
CVSS 3.0
9.8
EPSS
13.1%
CVE-2018-10540 MEDIUM POC PATCH This Month

An issue was discovered in WavPack 5.1.0 and earlier for W64 input. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Wavpack Debian Linux
NVD GitHub
CVSS 3.0
5.5
EPSS
1.7%
CVE-2018-10539 MEDIUM POC PATCH This Month

An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Wavpack Debian Linux
NVD GitHub
CVSS 3.0
5.5
EPSS
1.7%
CVE-2018-10538 MEDIUM POC PATCH This Month

An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Wavpack Debian Linux
NVD GitHub
CVSS 3.0
5.5
EPSS
1.6%
CVE-2018-10549 HIGH PATCH This Week

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow PHP Ubuntu Linux Debian Linux +1
NVD
CVSS 3.0
8.8
EPSS
7.2%
CVE-2018-10529 HIGH PATCH This Week

An issue was discovered in LibRaw 0.18.9. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Ubuntu Linux Libraw
NVD GitHub
CVSS 3.0
8.8
EPSS
1.9%
CVE-2018-10528 HIGH PATCH This Week

An issue was discovered in LibRaw 0.18.9. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Ubuntu Linux Libraw
NVD GitHub
CVSS 3.1
8.8
EPSS
2.5%
CVE-2018-10537 HIGH PATCH This Week

An issue was discovered in WavPack 5.1.0 and earlier. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Wavpack Debian Linux
NVD GitHub
CVSS 3.0
7.8
EPSS
2.1%
CVE-2018-10536 HIGH PATCH This Week

An issue was discovered in WavPack 5.1.0 and earlier. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Wavpack Debian Linux
NVD GitHub
CVSS 3.0
7.8
EPSS
2.0%
CVE-2018-10548 HIGH PATCH This Week

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service PHP Ubuntu Linux Debian Linux +1
NVD
CVSS 3.0
7.5
EPSS
8.7%
CVE-2018-10546 HIGH PATCH This Week

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service PHP Ubuntu Linux Debian Linux Storage Automation Store
NVD
CVSS 3.0
7.5
EPSS
10.4%
CVE-2018-10547 MEDIUM PATCH This Month

An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS PHP Ubuntu Linux Debian Linux Storage Automation Store
NVD
CVSS 3.0
6.1
EPSS
3.6%
CVE-2018-10535 MEDIUM This Month

The ignore_section_sym function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, does not validate the output_section pointer in the case of a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Binutils Enterprise Linux Desktop Enterprise Linux Server +1
NVD
CVSS 3.0
5.5
EPSS
2.2%
CVE-2018-10534 MEDIUM This Month

The _bfd_XX_bfd_copy_private_bfd_data_common function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, processes a negative Data Directory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Binutils Enterprise Linux Desktop Enterprise Linux Server +1
NVD
CVSS 3.0
5.5
EPSS
1.9%
CVE-2018-10545 MEDIUM PATCH This Month

An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Rated medium severity (CVSS 4.7). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure PHP Ubuntu Linux Debian Linux Storage Automation Store
NVD
CVSS 3.0
4.7
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy