Skip to main content
CVE-2018-11126 HIGH POC This Week

dg-user/?controller=users&action=add in doorGets 7.0 has CSRF that results in adding an administrator account. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Doorgets
NVD GitHub
CVSS 3.0
8.8
EPSS
0.7%
CVE-2018-11098 HIGH POC This Week

An issue was discovered in Frog CMS 0.9.5. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Frog Cms
NVD GitHub
CVSS 3.0
7.2
EPSS
1.4%
CVE-2018-1131 HIGH PATCH This Week

Infinispan permits improper deserialization of trusted data via XML and JSON transcoders under certain server configurations. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Deserialization Infinispan Jboss Data Grid
NVD
CVSS 3.0
8.8
EPSS
1.3%
CVE-2018-11100 HIGH This Week

The decompileSETTARGET function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Libming
NVD GitHub
CVSS 3.0
8.8
EPSS
1.8%
CVE-2018-11095 HIGH This Week

The decompileJUMP function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Libming
NVD GitHub
CVSS 3.0
8.8
EPSS
1.8%
CVE-2018-8841 HIGH This Week

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Webaccess Webaccess Dashboard Webaccess Scada Webaccess Nms
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-1087 HIGH This Week

kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Linux Linux Kernel Ubuntu Linux Debian Linux +8
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2018-7503 HIGH This Week

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Webaccess Webaccess Dashboard Webaccess Scada Webaccess Nms
NVD
CVSS 3.0
7.5
EPSS
2.6%
CVE-2018-7501 HIGH This Week

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Webaccess Webaccess Dashboard Webaccess Scada Webaccess Nms
NVD
CVSS 3.0
7.5
EPSS
1.7%
CVE-2018-7495 HIGH This Week

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Webaccess Webaccess Dashboard Webaccess Scada Webaccess Nms
NVD
CVSS 3.0
7.5
EPSS
2.2%
CVE-2018-10590 HIGH This Week

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Webaccess Webaccess Dashboard Webaccess Scada Webaccess Nms
NVD
CVSS 3.0
7.5
EPSS
1.7%
CVE-2018-11102 HIGH This Week

An issue was discovered in Libav 12.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Libav
NVD
CVSS 3.0
7.5
EPSS
2.6%
CVE-2018-11097 HIGH This Week

An issue was discovered in cloudwu/cstring through 2016-11-09. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cstring
NVD GitHub
CVSS 3.0
7.5
EPSS
1.1%
CVE-2018-1262 HIGH PATCH This Week

Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a feature which could allow privilege escalation across identity zones for clients performing offline validation. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Cloud Foundry Uaa Cloud Foundry Uaa Release Cf Deployment
NVD
CVSS 3.0
7.2
EPSS
1.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy