Skip to main content
CVE-2018-11414 HIGH POC This Week

An issue was discovered in BearAdmin 0.5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Bearadmin
NVD GitHub
CVSS 3.0
8.8
EPSS
1.1%
CVE-2018-11405 HIGH POC This Week

Kliqqi 2.0.2 has CSRF in admin/admin_users.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Kliqqi Cms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.6%
CVE-2018-1000038 HIGH POC This Week

In Artifex MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption RCE Buffer Overflow Mupdf
NVD
CVSS 3.0
7.8
EPSS
2.0%
CVE-2018-7407 HIGH This Week

An issue was discovered in Foxit Reader before 9.1 and PhantomPDF before 9.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Phantompdf Reader
NVD
CVSS 3.0
8.8
EPSS
4.0%
CVE-2018-7406 HIGH This Week

An issue was discovered in Foxit Reader before 9.1 and PhantomPDF before 9.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Phantompdf Reader
NVD
CVSS 3.0
8.8
EPSS
4.0%
CVE-2018-5680 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure RCE Buffer Overflow Phantompdf Reader
NVD
CVSS 3.0
8.8
EPSS
3.4%
CVE-2018-5679 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure RCE Buffer Overflow Phantompdf Reader
NVD
CVSS 3.0
8.8
EPSS
4.1%
CVE-2018-5678 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Phantompdf Reader
NVD
CVSS 3.0
8.8
EPSS
4.1%
CVE-2018-5677 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure RCE Buffer Overflow Phantompdf Reader
NVD
CVSS 3.0
8.8
EPSS
4.1%
CVE-2018-5676 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Phantompdf Reader
NVD
CVSS 3.0
8.8
EPSS
3.4%
CVE-2018-5675 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Phantompdf Reader
NVD
CVSS 3.0
8.8
EPSS
4.0%
CVE-2018-5674 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Buffer Overflow Phantompdf Reader
NVD
CVSS 3.0
8.8
EPSS
4.1%
CVE-2018-11416 HIGH This Week

jpegoptim.c in jpegoptim 1.4.5 (fixed in 1.4.6) has an invalid use of realloc() and free(), which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Jpegoptim
NVD GitHub
CVSS 3.0
8.8
EPSS
1.8%
CVE-2018-7904 HIGH This Week

Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Huawei 1288H V5 Firmware 2288H V5 Firmware
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2018-7903 HIGH This Week

Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Huawei 1288H V5 Firmware 2288H V5 Firmware
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2018-7902 HIGH This Week

Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Huawei 1288H V5 Firmware 2288H V5 Firmware
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2018-5485 HIGH PATCH This Week

NetApp OnCommand Unified Manager for Windows versions 7.2 through 7.3 are susceptible to a vulnerability which could lead to a privilege escalation attack. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Microsoft Oncommand Unified Manager
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-7526 HIGH This Week

In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, by accessing a specific uniform resource locator (URL) on the webserver, a malicious user may be able. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Scroll Medical Air Systems Firmware
NVD
CVSS 3.0
7.5
EPSS
1.3%
CVE-2018-7942 HIGH This Week

The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have an authentication bypass vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei 1288H V5 Firmware 2288H V5 Firmware 2488 V5 Firmware +4
NVD
CVSS 3.0
7.5
EPSS
1.6%
CVE-2018-11411 HIGH This Week

The transferFrom function of a smart contract implementation for DimonCoin (FUD), an Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer all victims' balances into their account). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Dimoncoin
NVD
CVSS 3.0
7.5
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy