Skip to main content
CVE-2018-10768 MEDIUM POC This Month

There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Ubuntu Null Pointer Dereference Denial Of Service Poppler Ubuntu Linux +5
NVD
CVSS 3.0
6.5
EPSS
2.4%
CVE-2018-10767 MEDIUM POC This Month

There is a stack-based buffer over-read in calling GLib in the function gxps_images_guess_content_type of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Denial Of Service Buffer Overflow Libgxps Ansible Tower +3
NVD
CVSS 3.0
6.5
EPSS
2.3%
CVE-2018-0494 MEDIUM POC PATCH THREAT This Month

GNU Wget before 1.19.5 is prone to a cookie injection vulnerability in the resp_new function in http.c via a \r\n sequence in a continuation line. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Code Injection Wget Ubuntu Linux Debian Linux Enterprise Linux Desktop +2
NVD Exploit-DB
CVSS 3.0
6.5
EPSS
17.0%
CVE-2018-10686 MEDIUM POC This Month

An issue was discovered in Vesta Control Panel 0.9.8-20. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS RCE PHP Control Panel
NVD GitHub
CVSS 3.0
6.1
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy