Skip to main content
CVE-2018-11035 HIGH POC This Week

In 2345 Security Guard 3.7, the driver file (2345NsProtect.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Security Guard
NVD GitHub
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-11034 HIGH POC This Week

In 2345 Security Guard 3.7, the driver file (2345NsProtect.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Security Guard
NVD GitHub Exploit-DB
CVSS 3.0
7.8
EPSS
1.0%
CVE-2018-0568 HIGH This Week

Unrestricted file upload vulnerability in SiteBridge Inc. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload PHP Joruri Gw
NVD GitHub
CVSS 3.0
8.8
EPSS
1.7%
CVE-2018-10252 HIGH This Week

An issue was discovered on Actiontec WCB6200Q before 1.1.10.20a devices. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Session Fixation Information Disclosure Wcb6200Q Firmware
NVD
CVSS 3.0
8.1
EPSS
0.9%
CVE-2018-10990 HIGH This Week

On Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices, a logout action does not immediately destroy all state on the device related to the validity of the "credential" cookie, which might. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Arris Tg1682G Firmware
NVD
CVSS 3.1
8.0
EPSS
1.1%
CVE-2018-0580 HIGH This Week

Untrusted search path vulnerability in CELSYS, Inc CLIP STUDIO series (CLIP STUDIO PAINT (for Windows) EX/PRO/DEBUT Ver.1.7.3 and earlier, CLIP STUDIO ACTION (for Windows) Ver.1.5.5 and earlier, with. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Clip Studio Action Clip Studio Modeler Clip Studio Paint
NVD
CVSS 3.0
7.8
EPSS
2.1%
CVE-2018-11033 HIGH This Week

The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Xpdf
NVD
CVSS 3.0
7.8
EPSS
1.3%
CVE-2018-0588 HIGH This Week

Directory traversal vulnerability in the AJAX function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote attackers to read arbitrary files via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress Path Traversal User Profile Membership
NVD
CVSS 3.0
7.5
EPSS
2.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy