Skip to main content
CVE-2018-10733 MEDIUM POC This Month

There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c in libgxps through 0.3.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Denial Of Service Buffer Overflow Libgxps Ansible Tower +4
NVD
CVSS 3.0
6.5
EPSS
2.3%
CVE-2018-10739 MEDIUM POC This Month

An issue was discovered in Shanghai 2345 Security Guard 3.7.0. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass 2345 Security Guard
NVD GitHub
CVSS 3.0
5.5
EPSS
0.4%
CVE-2018-10726 MEDIUM POC This Month

A stored XSS vulnerability was found in Datenstrom Yellow 0.7.3 via an "Edit page" action. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Yellow
NVD GitHub
CVSS 3.1
5.4
EPSS
0.7%
CVE-2018-7522 MEDIUM This Month

In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, when a system call is made, registers are stored to a fixed memory location. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Schneider Electric Buffer Overflow Triconex Tricon Mp 3008 Firmware
NVD
CVSS 3.0
6.7
EPSS
0.4%
CVE-2018-5446 MEDIUM This Month

Medtronic 2090 CareLink Programmer uses a per-product username and password that is stored in a recoverable format. Rated medium severity (CVSS 4.9), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure 2090 Carelink Programmer Firmware
NVD
CVSS 3.1
4.9
EPSS
0.4%
CVE-2018-10229 MEDIUM This Month

A hardware vulnerability in GPU memory modules allows attackers to accelerate micro-architectural attacks through the use of the JavaScript WebGL API. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Chrome Firefox Nexus 5
NVD
CVSS 3.0
4.8
EPSS
0.6%
CVE-2018-5448 MEDIUM This Month

Medtronic 2090 CareLink Programmer’s software deployment network contains a directory traversal vulnerability that could allow an attacker to read files on the system. Rated medium severity (CVSS 4.8). No vendor patch available.

Path Traversal 2090 Carelink Programmer Firmware
NVD
CVSS 3.1
4.8
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy