Skip to main content
CVE-2018-11138 CRITICAL POC KEV THREAT Emergency

The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by anonymous users and can be abused to execute arbitrary commands on the system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP Command Injection Kace System Management Appliance
NVD Exploit-DB
CVSS 3.1
9.8
EPSS
91.9%
CVE-2018-11141 CRITICAL POC Act Now

The 'IMAGES_JSON' and 'attachments_to_remove[]' parameters of the '/adminui/advisory.php' script in the Quest KACE System Management Virtual Appliance 8.0.318 can be abused to write and delete files. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Kace System Management Appliance
NVD
CVSS 3.0
9.8
EPSS
2.0%
CVE-2018-11140 CRITICAL POC Act Now

The 'reportID' parameter received by the '/common/run_report.php' script in the Quest KACE System Management Appliance 8.0.318 is not sanitized, leading to SQL injection (in particular, an. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Kace System Management Appliance
NVD
CVSS 3.0
9.8
EPSS
1.4%
CVE-2018-11136 CRITICAL POC Act Now

The 'orgID' parameter received by the '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance 8.0.318 is not sanitized, leading to SQL injection (in particular, a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Kace System Management Appliance
NVD
CVSS 3.0
9.8
EPSS
1.4%
CVE-2018-9318 CRITICAL POC Act Now

The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Telematics Control Unit Firmware
NVD
CVSS 3.0
9.8
EPSS
4.4%
CVE-2018-9311 CRITICAL POC Act Now

The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Telematics Control Unit Firmware
NVD
CVSS 3.0
9.8
EPSS
3.7%
CVE-2018-11576 CRITICAL POC Act Now

ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Ngiflib
NVD GitHub
CVSS 3.0
9.8
EPSS
1.4%
CVE-2018-11575 CRITICAL POC Act Now

ngiflib.c in MiniUPnP ngiflib 0.4 has a stack-based buffer overflow in DecodeGifImg. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Ngiflib
NVD GitHub
CVSS 3.0
9.8
EPSS
1.5%
CVE-2018-11139 HIGH POC THREAT This Week

The '/common/ajax_email_connection_test.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by any authenticated user and can be abused to execute arbitrary commands on. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Command Injection Kace System Management Appliance
NVD
CVSS 3.0
8.8
EPSS
42.9%
CVE-2018-11135 HIGH POC This Week

The script '/adminui/error_details.php' in the Quest KACE System Management Appliance 8.0.318 allows authenticated users to conduct PHP object injection attacks. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection Prototype Pollution PHP Kace System Management Appliance
NVD
CVSS 3.1
8.8
EPSS
2.1%
CVE-2018-11134 HIGH POC This Week

In order to perform actions that requires higher privileges, the Quest KACE System Management Appliance 8.0.318 relies on a message queue managed that runs with root privileges and only allows a set. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Kace System Management Appliance
NVD
CVSS 3.0
8.8
EPSS
3.0%
CVE-2018-11132 HIGH POC THREAT This Week

In order to perform actions that require higher privileges, the Quest KACE System Management Appliance 8.0.318 relies on a message queue that runs daemonized with root privileges and only allows a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Kace System Management Appliance
NVD
CVSS 3.0
8.8
EPSS
18.3%
CVE-2018-11625 HIGH POC This Week

In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Imagemagick Ubuntu Linux
NVD GitHub
CVSS 3.0
8.8
EPSS
2.3%
CVE-2018-11220 HIGH POC THREAT This Week

Bitmain Antminer D3, L3+, and S9 devices allow Remote Command Execution via the system restore function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Antminer D3 Firmware Antminer L3 Firmware Antminer S9 Firmware
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
16.4%
CVE-2018-11577 HIGH POC This Week

Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Liblouis Ubuntu Linux Leap
NVD GitHub
CVSS 3.0
8.8
EPSS
2.6%
CVE-2018-11595 HIGH POC PATCH This Week

Espruino before 1.99 allows attackers to cause a denial of service (application crash) and a potential Escalation of Privileges with a user crafted input file via a Buffer Overflow during syntax. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Espruino
NVD GitHub
CVSS 3.0
7.8
EPSS
1.3%
CVE-2018-9322 HIGH POC This Week

The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows local attacks involving the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Head Unit Hu Nbt Firmware
NVD
CVSS 3.0
7.8
EPSS
0.6%
CVE-2018-9320 HIGH POC This Week

The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a local attack when a USB. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Head Unit Hu Nbt Firmware
NVD
CVSS 3.0
7.8
EPSS
0.6%
CVE-2018-9312 HIGH POC This Week

The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a local attack when a USB. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Head Unit Hu Nbt Firmware
NVD
CVSS 3.0
7.8
EPSS
0.6%
CVE-2018-11598 HIGH POC PATCH This Week

Espruino before 1.99 allows attackers to cause a denial of service (application crash) and a potential Information Disclosure with user crafted input files via a Buffer Overflow or Out-of-bounds Read. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Denial Of Service Buffer Overflow Espruino
NVD GitHub
CVSS 3.0
7.1
EPSS
1.3%
CVE-2018-11593 HIGH POC PATCH This Week

Espruino before 1.99 allows attackers to cause a denial of service (application crash) and potential Information Disclosure with a user crafted input file via a Buffer Overflow during syntax parsing. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Information Disclosure Denial Of Service Buffer Overflow Espruino
NVD GitHub
CVSS 3.0
7.1
EPSS
1.2%
CVE-2018-9314 MEDIUM POC This Month

The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows an attack by an attacker. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Head Unit Hu Nbt Firmware
NVD
CVSS 3.0
6.8
EPSS
0.7%
CVE-2018-11633 MEDIUM POC This Month

An issue was discovered in the MULTIDOTS Woo Checkout for Digital Goods plugin 2.1 for WordPress. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF WordPress PHP Woo Checkout For Digital Goods
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2018-11632 MEDIUM POC This Month

An issue was discovered in the MULTIDOTS Add Social Share Messenger Buttons Whatsapp and Viber plugin 1.0.8 for WordPress. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF WordPress PHP Add Social Share Messenger Buttons Whatsapp And Viber
NVD
CVSS 3.0
6.5
EPSS
0.5%
CVE-2018-11137 MEDIUM POC This Month

The 'checksum' parameter of the '/common/download_attachment.php' script in the Quest KACE System Management Appliance 8.0.318 can be abused to read arbitrary files with 'www' privileges via. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Kace System Management Appliance
NVD
CVSS 3.0
6.5
EPSS
6.5%
CVE-2018-11578 MEDIUM POC This Month

GifIndexToTrueColor in ngiflib.c in MiniUPnP ngiflib 0.4 has a Segmentation fault. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Ngiflib
NVD GitHub
CVSS 3.0
6.5
EPSS
1.0%
CVE-2018-11627 MEDIUM POC PATCH This Month

Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Sinatra Cloudforms
NVD GitHub
CVSS 3.0
6.1
EPSS
2.2%
CVE-2018-11133 MEDIUM POC This Month

The 'fmt' parameter of the '/common/run_cross_report.php' script in the the Quest KACE System Management Appliance 8.0.318 is vulnerable to cross-site scripting. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Kace System Management Appliance
NVD
CVSS 3.0
6.1
EPSS
7.3%
CVE-2018-11583 MEDIUM POC This Month

SeaCMS 6.61 has stored XSS in admin_collect.php via the siteurl parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Seacms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.7%
CVE-2018-11142 MEDIUM POC This Month

The 'systemui/settings_network.php' and 'systemui/settings_patching.php' scripts in the Quest KACE System Management Appliance 8.0.318 are accessible only from localhost. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass PHP Kace System Management Appliance
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2018-11594 MEDIUM POC PATCH This Month

Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via a Buffer Overflow during syntax parsing of "VOID" tokens in jsparse.c. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Espruino
NVD GitHub
CVSS 3.0
5.5
EPSS
1.1%
CVE-2018-11592 MEDIUM POC PATCH This Month

Espruino before 1.98 allows attackers to cause a denial of service (application crash) with a user crafted input file via an Out-of-bounds Read during syntax parsing in which certain height. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Denial Of Service Buffer Overflow Espruino
NVD GitHub
CVSS 3.0
5.5
EPSS
1.0%
CVE-2018-11591 MEDIUM POC PATCH This Month

Espruino before 1.98 allows attackers to cause a denial of service (application crash) with a user crafted input file via a NULL pointer dereference during syntax parsing. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Espruino
NVD GitHub
CVSS 3.0
5.5
EPSS
1.0%
CVE-2018-11590 MEDIUM POC PATCH This Month

Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via an integer overflow during syntax parsing. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Espruino
NVD GitHub
CVSS 3.0
5.5
EPSS
1.0%
CVE-2018-11580 MEDIUM POC This Month

An issue was discovered in mass-pages-posts-creator.php in the MULTIDOTS Mass Pages/Posts Creator plugin 1.2.2 for WordPress. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS PHP Mass Pages Posts Creator
NVD
CVSS 3.0
5.4
EPSS
0.6%
CVE-2018-11572 MEDIUM POC This Month

ClipperCMS 1.3.3 has XSS in the "Module name" field in a "Modules -> Manage modules -> edit" action to the manager/ URI. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Clippercms
NVD GitHub
CVSS 3.0
5.4
EPSS
0.7%
CVE-2018-9313 MEDIUM POC This Month

The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018 allows a remote attack via. Rated medium severity (CVSS 5.3), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Head Unit Hu Nbt Firmware
NVD
CVSS 3.0
5.3
EPSS
1.3%
CVE-2018-11579 MEDIUM POC This Month

class-woo-banner-management.php in the MULTIDOTS WooCommerce Category Banner Management plugin 1.1.0 for WordPress has an Unauthenticated Settings Change Vulnerability, related to certain. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass WordPress PHP Woocommerce Category Banner Management
NVD
CVSS 3.0
5.3
EPSS
0.9%
CVE-2018-11036 CRITICAL Act Now

Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, 3.5.1, 3.6.0, and 3.6.1 (Essentials and High Scale) on vSZ, SZ-100, SZ-300, and SCG-200 devices allows remote attackers to obtain. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Vsz Firmware Scg 200 Firmware Sz 300 Firmware Sz 100 Firmware
NVD
CVSS 3.0
9.1
EPSS
1.3%
CVE-2018-11624 HIGH This Week

In ImageMagick 7.0.7-36 Q16, the ReadMATImage function in coders/mat.c allows attackers to cause a use after free via a crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Denial Of Service Use After Free Imagemagick
NVD GitHub
CVSS 3.0
8.8
EPSS
2.1%
CVE-2018-11571 HIGH This Week

ClipperCMS 1.3.3 allows Session Fixation. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Session Fixation Information Disclosure Clippercms
NVD GitHub
CVSS 3.0
8.8
EPSS
1.3%
CVE-2018-11631 MEDIUM POC This Month

Rondaful M1 Wristband Smart Band 1 devices allow remote attackers to send an arbitrary number of call or SMS notifications via crafted Bluetooth Low Energy (BLE) traffic. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Rondaful M1 Wristband Smart Band 1 Firmware
NVD GitHub
CVSS 3.0
4.3
EPSS
1.2%
CVE-2018-6552 HIGH This Week

Apport does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Apport
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2018-11626 HIGH PATCH This Week

SELA (aka SimplE Lossless Audio) v0.1.2-alpha has a stack-based buffer overflow in the core/apev2.c init_apev2_keys function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Simple Lossless Audio
NVD GitHub
CVSS 3.0
7.5
EPSS
1.4%
CVE-2018-5388 MEDIUM This Month

In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Strongswan Debian Linux Ubuntu Linux
NVD
CVSS 3.0
6.5
EPSS
4.0%
CVE-2018-9186 MEDIUM This Month

A cross-site scripting (XSS) vulnerability in Fortinet FortiAuthenticator in versions 4.0.0 to before 5.3.0 "CSRF validation failure" page allows attacker to execute unauthorized script code via. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF XSS Fortinet Fortiauthenticator
NVD
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-10379 MEDIUM This Month

An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 10.5.8, 10.6.x before 10.6.5, and 10.7.x before 10.7.2. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Gitlab XSS
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-11597 MEDIUM PATCH This Month

Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via a Buffer Overflow during syntax parsing because of a missing check for stack. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Espruino
NVD GitHub
CVSS 3.0
5.5
EPSS
0.8%
CVE-2018-11596 MEDIUM PATCH This Month

Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via a Buffer Overflow during syntax parsing because a check for '\0' is made for. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Buffer Overflow Espruino
NVD GitHub
CVSS 3.0
5.5
EPSS
0.8%
CVE-2018-1496 MEDIUM PATCH This Month

IBM Content Navigator 2.0.3, 3.0.0, 3.0.1, 3.0.2, and 3.0.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Content Navigator
NVD
CVSS 3.0
5.4
EPSS
1.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy