Skip to main content
CVE-2018-10540 MEDIUM POC PATCH This Month

An issue was discovered in WavPack 5.1.0 and earlier for W64 input. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Wavpack Debian Linux
NVD GitHub
CVSS 3.0
5.5
EPSS
1.7%
CVE-2018-10539 MEDIUM POC PATCH This Month

An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Wavpack Debian Linux
NVD GitHub
CVSS 3.0
5.5
EPSS
1.7%
CVE-2018-10538 MEDIUM POC PATCH This Month

An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Wavpack Debian Linux
NVD GitHub
CVSS 3.0
5.5
EPSS
1.6%
CVE-2018-10547 MEDIUM PATCH This Month

An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS PHP Ubuntu Linux Debian Linux Storage Automation Store
NVD
CVSS 3.0
6.1
EPSS
3.6%
CVE-2018-10535 MEDIUM This Month

The ignore_section_sym function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, does not validate the output_section pointer in the case of a. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Binutils Enterprise Linux Desktop Enterprise Linux Server +1
NVD
CVSS 3.0
5.5
EPSS
2.2%
CVE-2018-10534 MEDIUM This Month

The _bfd_XX_bfd_copy_private_bfd_data_common function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, processes a negative Data Directory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Binutils Enterprise Linux Desktop Enterprise Linux Server +1
NVD
CVSS 3.0
5.5
EPSS
1.9%
CVE-2018-10545 MEDIUM PATCH This Month

An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Rated medium severity (CVSS 4.7). This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure PHP Ubuntu Linux Debian Linux Storage Automation Store
NVD
CVSS 3.0
4.7
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy