Skip to main content
CVE-2018-11377 MEDIUM PATCH This Month

The avr_op_analyze() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Denial Of Service Buffer Overflow Radare2
NVD GitHub
CVSS 3.0
5.5
EPSS
1.4%
CVE-2018-11376 MEDIUM PATCH This Month

The r_read_le32() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Denial Of Service Buffer Overflow Radare2
NVD GitHub
CVSS 3.0
5.5
EPSS
1.1%
CVE-2018-11375 MEDIUM PATCH This Month

The _inst__lds() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Denial Of Service Buffer Overflow Radare2
NVD GitHub
CVSS 3.0
5.5
EPSS
1.1%
CVE-2018-6963 MEDIUM PATCH This Month

VMware Workstation (14.x before 14.1.2) and Fusion (10.x before 10.1.2) contain multiple denial-of-service vulnerabilities that occur due to NULL pointer dereference issues in the RPC handler. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Null Pointer Dereference Denial Of Service VMware Fusion Workstation
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2018-6494 MEDIUM This Month

Remote SQL Injection against the HP Service Manager Software Web Tier, version 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, may lead to unauthorized disclosure of data. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi HP Service Manager
NVD
CVSS 3.1
5.4
EPSS
1.2%
CVE-2018-1583 MEDIUM This Month

IBM StoredIQ 7.6 could allow an authenticated attacker to bypass certain security restrictions. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass IBM Storediq
NVD
CVSS 3.0
5.4
EPSS
0.8%
CVE-2018-11326 MEDIUM PATCH This Month

An issue was discovered in Joomla!. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Joomla
NVD
CVSS 3.0
4.8
EPSS
1.1%
CVE-2018-11328 MEDIUM This Month

An issue was discovered in Joomla!. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

XSS Joomla
NVD
CVSS 3.0
4.7
EPSS
1.4%
CVE-2018-11327 MEDIUM This Month

An issue was discovered in Joomla!. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Joomla
NVD
CVSS 3.0
4.3
EPSS
1.4%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy