Skip to main content
CVE-2018-11479 HIGH POC Act Now

The VPN component in Windscribe 1.81 uses the OpenVPN client for connections. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Windscribe
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
9.9%
CVE-2018-11470 HIGH POC This Week

iScripts eSwap v2.4 has SQL injection via the "search.php" 'Told' parameter in the User Panel. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Eswap
NVD GitHub
CVSS 3.0
8.8
EPSS
1.1%
CVE-2018-11445 HIGH POC This Week

A CSRF issue was discovered on the User Add/System Settings Page (system-settings-user-new2.php) in EasyService Billing 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Easyservice Billing
NVD GitHub Exploit-DB
CVSS 3.0
8.8
EPSS
2.4%
CVE-2018-11442 HIGH POC This Week

A CSRF issue was discovered in EasyService Billing 1.0, which was triggered via a quotation-new3-new2.php?add=true&id= URI, as demonstrated by adding a new quotation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Easyservice Billing
NVD GitHub Exploit-DB
CVSS 3.0
8.8
EPSS
2.4%
CVE-2018-1133 HIGH POC PATCH THREAT This Week

An issue was discovered in Moodle 3.x. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Code Injection RCE Moodle
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
32.2%
CVE-2018-6237 HIGH POC This Week

A vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow an unauthenticated remote attacker to manipulate the product to send a large number of specially crafted HTTP. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Trend Micro Denial Of Service Smart Protection Server
NVD
CVSS 3.0
7.5
EPSS
6.4%
CVE-2018-10350 HIGH This Week

A SQL injection remote code execution vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow a remote attacker to execute arbitrary code on vulnerable installations due to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Trend Micro RCE PHP Smart Protection Server
NVD
CVSS 3.0
8.8
EPSS
15.2%
CVE-2018-6664 HIGH This Week

Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 allows authenticated users to bypass. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Jwt Attack Data Loss Prevention Endpoint
NVD
CVSS 3.0
8.8
EPSS
0.7%
CVE-2018-11440 HIGH This Week

Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Liblouis Ubuntu Linux Leap
NVD GitHub
CVSS 3.0
8.8
EPSS
3.2%
CVE-2018-1137 HIGH PATCH This Week

An issue was discovered in Moodle 3.x. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Moodle
NVD
CVSS 3.0
8.1
EPSS
1.7%
CVE-2018-11475 HIGH This Week

Monstra CMS 3.0.4 has a Session Management Issue in the Users tab. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Session Fixation Information Disclosure Monstra
NVD GitHub
CVSS 3.0
8.0
EPSS
1.1%
CVE-2018-11474 HIGH This Week

Monstra CMS 3.0.4 has a Session Management Issue in the Administrations Tab. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Session Fixation Information Disclosure PHP Monstra
NVD GitHub
CVSS 3.0
8.0
EPSS
1.1%
CVE-2018-6235 HIGH This Week

An Out-of-Bounds write privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Memory Corruption Buffer Overflow Trend Micro Antivirus +3
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2018-6233 HIGH This Week

A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Buffer Overflow Antivirus Internet Security +2
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2018-6232 HIGH This Week

A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Buffer Overflow Antivirus Internet Security +2
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2018-1565 HIGH This Week

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to overflow a buffer which may result in a privilege escalation to the DB2. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft IBM Buffer Overflow Db2
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-1544 HIGH This Week

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to overflow a buffer which may result in a privilege escalation to the DB2. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft IBM Buffer Overflow Db2
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-1488 HIGH This Week

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5 and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Microsoft IBM Buffer Overflow RCE Db2
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2018-1459 HIGH This Week

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to stack based buffer overflow, caused by improper bounds checking which could lead an. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

IBM Buffer Overflow Microsoft RCE Memory Corruption +1
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2018-1467 HIGH This Week

The IBM Storwize V7000 Unified management Web interface 1.6 exposes internal cluster details to unauthenticated users. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Storwize Unified V7000 Software
NVD
CVSS 3.0
7.5
EPSS
2.0%
CVE-2018-6236 HIGH This Week

A Time-of-Check Time-of-Use privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a. Rated high severity (CVSS 7.0). No vendor patch available.

Race Condition Trend Micro Privilege Escalation Antivirus Internet Security +2
NVD
CVSS 3.0
7.0
EPSS
0.3%
CVE-2018-1515 HIGH This Week

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5 and 11.1, under specific or unusual conditions, could allow a local user to overflow a buffer which may result in a privilege. Rated high severity (CVSS 7.0). No vendor patch available.

Privilege Escalation Microsoft IBM Buffer Overflow Db2
NVD
CVSS 3.0
7.0
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy