Skip to main content
CVE-2018-10573 HIGH POC PATCH This Week

interface/fax/fax_dispatch.php in OpenEMR before 5.0.1 allows remote authenticated users to bypass intended access restrictions via the scan parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass PHP Openemr
NVD GitHub
CVSS 3.0
8.8
EPSS
2.7%
CVE-2018-5234 HIGH POC THREAT This Week

The Norton Core router prior to v237 may be susceptible to a command injection exploit. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Norton Core Firmware
NVD Exploit-DB
CVSS 3.0
8.0
EPSS
16.7%
CVE-2018-10576 HIGH POC This Week

An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Watchguard Ap200 Firmware Ap102 Firmware Ap100 Firmware
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
1.5%
CVE-2018-1102 HIGH PATCH This Week

A flaw was found in source-to-image function as shipped with Openshift Enterprise 3.x. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Openshift
NVD
CVSS 3.0
8.8
EPSS
2.4%
CVE-2018-7891 HIGH This Week

The Milestone XProtect Video Management Software (Corporate, Expert, Professional+, Express+, Essential+) 2016 R1 (10.0.a) to 2018 R1 (12.1a) contains .NET Remoting endpoints that are vulnerable to. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Deserialization RCE Xprotect Siveillance Vms
NVD
CVSS 3.0
8.1
EPSS
4.2%
CVE-2018-9310 HIGH This Week

An issue was discovered in MagniComp SysInfo before 10-H82 if setuid root (the default). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Sysinfo
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-8839 HIGH This Week

Delta PMSoft versions 2.10 and prior have multiple stack-based buffer overflow vulnerabilities where a .ppm file can introduce a value larger than is readable by PMSoft's fixed-length stack buffer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Buffer Overflow Stack Overflow Pmsoft
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2018-10550 HIGH This Week

In Octopus Deploy before 2018.4.7, target and tenant tag variable scopes were not checked against the list of tenants the user has access to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Octopus Deploy
NVD GitHub
CVSS 3.0
7.5
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy