Skip to main content
CVE-2018-11419 CRITICAL POC Act Now

An issue was discovered in JerryScript 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Jerryscript
NVD GitHub
CVSS 3.0
9.8
EPSS
1.6%
CVE-2018-11418 CRITICAL POC Act Now

An issue was discovered in JerryScript 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Jerryscript
NVD GitHub
CVSS 3.0
9.8
EPSS
1.6%
CVE-2018-11410 CRITICAL POC Act Now

An issue was discovered in Liblouis 3.5.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Use After Free Liblouis Ubuntu Linux
NVD
CVSS 3.0
9.8
EPSS
5.1%
CVE-2018-7518 CRITICAL Act Now

In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, an attacker with network access to the integrated web server could retrieve default or user defined. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Scroll Medical Air Systems Firmware
NVD
CVSS 3.0
9.8
EPSS
1.3%
CVE-2018-8013 CRITICAL PATCH Act Now

In Apache Batik 1.x before 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor of. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Apache Batik Debian Linux Ubuntu Linux +18
NVD
CVSS 3.0
9.8
EPSS
19.5%
CVE-2018-5487 CRITICAL PATCH Act Now

NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service bound to the network, and are susceptible to. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java RCE Oncommand Unified Manager
NVD
CVSS 3.0
9.8
EPSS
2.9%
CVE-2018-1000300 CRITICAL PATCH Act Now

curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Denial Of Service Buffer Overflow Curl Ubuntu Linux
NVD
CVSS 3.0
9.8
EPSS
4.9%
CVE-2018-1000155 CRITICAL Act Now

OpenFlow version 1.0 onwards contains a Denial of Service and Improper authorization vulnerability in OpenFlow handshake: The DPID (DataPath IDentifier) in the features_reply message are inherently. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Openflow
NVD
CVSS 3.0
9.8
EPSS
1.2%
CVE-2018-1000301 CRITICAL PATCH Act Now

curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Denial Of Service Information Disclosure Buffer Overflow Debian Linux Ubuntu Linux +7
NVD VulDB
CVSS 3.1
9.1
EPSS
2.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy