Skip to main content
CVE-2018-10780 MEDIUM POC This Month

Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based buffer over-read. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Exiv2
NVD
CVSS 3.0
6.5
EPSS
1.0%
CVE-2018-10779 MEDIUM POC This Month

TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Libtiff Ubuntu Linux
NVD
CVSS 3.0
6.5
EPSS
3.0%
CVE-2018-10775 MEDIUM POC This Month

NULL pointer dereference in the _fields_add function in fields.c in libbibcore.a in bibutils through 6.2 allows remote attackers to cause a denial of service (application crash), as demonstrated by. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Bibutils
NVD
CVSS 3.0
6.5
EPSS
1.7%
CVE-2018-10772 MEDIUM POC This Month

The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Exiv2
NVD
CVSS 3.0
6.5
EPSS
1.6%
CVE-2018-10774 MEDIUM This Month

Read access violation in the isiin_keyword function in isiin.c in libbibutils.a in bibutils through 6.2 allows remote attackers to cause a denial of service (application crash), as demonstrated by. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Bibutils
NVD
CVSS 3.0
6.5
EPSS
1.4%
CVE-2018-10773 MEDIUM This Month

NULL pointer deference in the addsn function in serialno.c in libbibcore.a in bibutils through 6.2 allows remote attackers to cause a denial of service (application crash), as demonstrated by. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Bibutils
NVD
CVSS 3.0
6.5
EPSS
1.2%
CVE-2018-1413 MEDIUM This Month

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Cognos Analytics Oncommand Insight
NVD
CVSS 3.0
5.4
EPSS
1.1%
CVE-2018-1313 MEDIUM PATCH This Month

In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted network packet can be used to request the Derby Network Server to boot a database whose location and contents are under the user's control. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable.

Java Apache Information Disclosure Derby Weblogic Server
NVD
CVSS 3.1
5.3
EPSS
4.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy