Skip to main content
CVE-2018-11013 CRITICAL POC Act Now

Stack-based buffer overflow in the websRedirect function in GoAhead on D-Link DIR-816 A2 (CN) routers with firmware version 1.10B05 allows unauthenticated remote attackers to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption RCE Buffer Overflow D-Link Dir 816 A2 Firmware
NVD
CVSS 3.0
9.8
EPSS
6.5%
CVE-2018-11018 HIGH POC This Week

An issue was discovered in PbootCMS v1.0.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Pbootcms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.6%
CVE-2018-11017 HIGH POC This Week

The newVar_N function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Buffer Overflow Libming
NVD
CVSS 3.0
8.8
EPSS
1.4%
CVE-2018-10678 MEDIUM This Month

MyBB 1.8.15, when accessed with Microsoft Edge, mishandles 'target="_blank" rel="noopener"' in A elements, which makes it easier for remote attackers to conduct redirection attacks. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Open Redirect Mybb
NVD GitHub
CVSS 3.0
6.1
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy