Skip to main content
CVE-2018-11027 MEDIUM POC This Month

A reflected XSS vulnerability on Ruckus ICX7450-48 devices allows remote attackers to inject arbitrary web script or HTML. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Icx7450 48 Firmware
NVD
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-11532 MEDIUM POC PATCH This Month

An issue was discovered in the ChangUonDyU Advanced Statistics plugin 1.0.2 for MyBB. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS PHP Changuondyu Advanced Statistics
NVD GitHub Exploit-DB
CVSS 3.0
6.1
EPSS
2.4%
CVE-2018-11549 MEDIUM POC This Month

An issue was discovered in WUZHI CMS 4.1.0 There is a Stored XSS Vulnerability in "Account Settings -> Member Centre -> Chinese information -> Ordinary member" via a QQ number, as demonstrated by a. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Wuzhicms
NVD GitHub
CVSS 3.0
5.4
EPSS
0.7%
CVE-2018-10751 MEDIUM POC This Month

A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of the WbXml payload. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Samsung Samsung Mobile
NVD Exploit-DB
CVSS 3.0
5.3
EPSS
8.7%
CVE-2018-1495 MEDIUM This Month

IBM FlashSystem V840 and V900 products could allow an authenticated attacker with specialized access to overwrite arbitrary files which could cause a denial of service. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation IBM Denial Of Service Flashsystem 900 Firmware Flashsystem 840 Firmware
NVD
CVSS 3.0
6.5
EPSS
1.6%
CVE-2018-1242 MEDIUM This Month

Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contains a command injection vulnerability in the Boxmgmt CLI. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Command Injection Recoverpoint Recoverpoint For Virtual Machines
NVD
CVSS 3.0
6.5
EPSS
2.8%
CVE-2018-1376 MEDIUM PATCH This Month

IBM Security Guardium Big Data Intelligence (SonarG) 3.1 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Security Guardium Big Data Intelligence
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-1370 MEDIUM PATCH This Month

IBM Security Guardium Big Data Intelligence (SonarG) 3.1 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

IBM Information Disclosure Security Guardium Big Data Intelligence
NVD
CVSS 3.0
5.4
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy