Skip to main content
CVE-2018-11105 MEDIUM POC PATCH This Month

There is stored cross site scripting in the wp-live-chat-support plugin before 8.0.08 for WordPress via the "name" (aka wplc_name) and "email" (aka wplc_email) input fields to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

WordPress XSS Live Chat
NVD GitHub
CVSS 3.0
6.1
EPSS
1.1%
CVE-2018-11127 MEDIUM This Month

e107 2.1.7 has CSRF resulting in arbitrary user deletion. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF E107
NVD GitHub
CVSS 3.0
6.5
EPSS
0.5%
CVE-2018-3611 MEDIUM This Month

Bounds check vulnerability in User Mode Driver in Intel Graphics Driver 15.40.x.4 and 21.20.x.x allows unprivileged user to cause a denial of service via local access. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Intel Denial Of Service Graphics Driver
NVD
CVSS 3.0
6.5
EPSS
1.6%
CVE-2018-10591 MEDIUM This Month

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Webaccess Webaccess Dashboard Webaccess Scada Webaccess Nms
NVD
CVSS 3.0
6.1
EPSS
0.6%
CVE-2018-3661 MEDIUM This Month

Buffer overflow in Intel system Configuration utilities selview.exe and syscfg.exe before version 14 build 11 allows a local user to crash these services potentially resulting in a denial of service. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Buffer Overflow Syscfg Selview
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2018-3634 MEDIUM This Month

Parameter corruption in NDIS filter driver in Intel Online Connect Access 1.9.22.0 allows an attacker to cause a denial of service via local access. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Intel Denial Of Service Online Connect Access
NVD
CVSS 3.1
5.5
EPSS
0.3%
CVE-2018-10825 MEDIUM This Month

Mimo Baby 2 devices do not use authentication or encryption for the Bluetooth Low Energy (BLE) communication from a Turtle to a Lilypad, which allows attackers to inject fake information about the. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. No vendor patch available.

Authentication Bypass Mimo Baby 2 Firmware
NVD
CVSS 3.0
5.3
EPSS
0.2%
CVE-2018-1263 MEDIUM PATCH This Month

Addresses partial fix in CVE-2018-1261. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Java Path Traversal Spring Integration Zip
NVD
CVSS 3.1
4.7
EPSS
1.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy