Skip to main content
CVE-2018-10771 CRITICAL POC Act Now

Stack-based buffer overflow in the get_key function in parse.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Buffer Overflow Abcm2Ps Debian Linux +1
NVD GitHub
CVSS 3.1
9.8
EPSS
3.1%
CVE-2018-10795 HIGH POC This Week

Liferay 6.2.x and before has an FCKeditor configuration that allows an attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment via. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Liferay Portal
NVD
CVSS 3.0
8.8
EPSS
1.8%
CVE-2018-10780 MEDIUM POC This Month

Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based buffer over-read. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Exiv2
NVD
CVSS 3.0
6.5
EPSS
1.0%
CVE-2018-10779 MEDIUM POC This Month

TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Libtiff Ubuntu Linux
NVD
CVSS 3.0
6.5
EPSS
3.0%
CVE-2018-10775 MEDIUM POC This Month

NULL pointer dereference in the _fields_add function in fields.c in libbibcore.a in bibutils through 6.2 allows remote attackers to cause a denial of service (application crash), as demonstrated by. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Bibutils
NVD
CVSS 3.0
6.5
EPSS
1.7%
CVE-2018-10772 MEDIUM POC This Month

The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Exiv2
NVD
CVSS 3.0
6.5
EPSS
1.6%
CVE-2018-1256 HIGH PATCH This Week

Spring Cloud SSO Connector, version 2.1.2, contains a regression which disables issuer validation in resource servers that are not bound to the SSO service. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Information Disclosure Spring Cloud Sso Connector
NVD
CVSS 3.1
8.1
EPSS
1.6%
CVE-2018-10778 HIGH This Week

Read access violation in the III_dequantize_sample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Denial Of Service Buffer Overflow Mp3Gain
NVD
CVSS 3.0
7.8
EPSS
1.1%
CVE-2018-10777 HIGH This Week

Buffer overflow in the WriteMP3GainAPETag function in apetag.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Mp3Gain
NVD
CVSS 3.0
7.8
EPSS
1.0%
CVE-2018-10776 HIGH This Week

The getbits function in mpglibDBL/common.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Mp3Gain
NVD
CVSS 3.0
7.8
EPSS
1.0%
CVE-2018-10774 MEDIUM This Month

Read access violation in the isiin_keyword function in isiin.c in libbibutils.a in bibutils through 6.2 allows remote attackers to cause a denial of service (application crash), as demonstrated by. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Bibutils
NVD
CVSS 3.0
6.5
EPSS
1.4%
CVE-2018-10773 MEDIUM This Month

NULL pointer deference in the addsn function in serialno.c in libbibcore.a in bibutils through 6.2 allows remote attackers to cause a denial of service (application crash), as demonstrated by. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Bibutils
NVD
CVSS 3.0
6.5
EPSS
1.2%
CVE-2018-1413 MEDIUM This Month

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Cognos Analytics Oncommand Insight
NVD
CVSS 3.0
5.4
EPSS
1.1%
CVE-2018-1313 MEDIUM PATCH This Month

In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted network packet can be used to request the Derby Network Server to boot a database whose location and contents are under the user's control. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Java Apache Information Disclosure Derby Weblogic Server
NVD
CVSS 3.1
5.3
EPSS
4.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy