Skip to main content
CVE-2018-12259 MEDIUM POC This Month

An issue was discovered on Momentum Axel 720P 5.1.8 devices. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Momentum Axel 720P Firmware
NVD
CVSS 3.0
6.8
EPSS
0.4%
CVE-2018-12258 MEDIUM POC This Month

An issue was discovered on Momentum Axel 720P 5.1.8 devices. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Momentum Axel 720P Firmware
NVD
CVSS 3.0
6.8
EPSS
0.5%
CVE-2018-12260 MEDIUM POC This Month

An issue was discovered on Momentum Axel 720P 5.1.8 devices. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Momentum Axel 720P Firmware
NVD
CVSS 3.0
6.7
EPSS
0.4%
CVE-2018-12228 MEDIUM POC This Month

An issue was discovered in Asterisk Open Source 15.x before 15.4.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Asterisk
NVD
CVSS 3.0
6.5
EPSS
6.8%
CVE-2018-12261 MEDIUM POC This Month

An issue was discovered on Momentum Axel 720P 5.1.8 devices. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Momentum Axel 720P Firmware
NVD
CVSS 3.0
4.4
EPSS
0.3%
CVE-2018-12257 MEDIUM POC This Month

An issue was discovered on Momentum Axel 720P 5.1.8 devices. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Momentum Axel 720P Firmware
NVD
CVSS 3.0
4.4
EPSS
0.4%
CVE-2018-10507 MEDIUM POC PATCH This Month

A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a attacker to take a series of steps to bypass or render the OfficeScan Unauthorized Change Prevention inoperable on vulnerable. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available.

Authentication Bypass Trend Micro Officescan
NVD Exploit-DB
CVSS 3.0
4.4
EPSS
1.4%
CVE-2018-1103 MEDIUM PATCH This Month

Openshift Enterprise source-to-image before version 1.1.10 is vulnerable to an improper validation of user input. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Source To Image
NVD
CVSS 3.0
6.5
EPSS
1.3%
CVE-2018-12229 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Public Knowledge Project (PKP) Open Journal System (OJS) 3.0.0 to 3.1.1-1 allows remote attackers to inject arbitrary web script or HTML via the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Open Journal System
NVD GitHub
CVSS 3.0
6.1
EPSS
1.8%
CVE-2018-12232 MEDIUM PATCH This Month

In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Race Condition Denial Of Service Linux Linux Kernel
NVD GitHub
CVSS 3.0
5.9
EPSS
6.6%
CVE-2018-3579 MEDIUM PATCH This Month

In the WLAN driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, event->num_entries_in_page is a value received from firmware that is not. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Linux Google Mozilla +1
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2018-5803 MEDIUM This Month

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Linux Linux Kernel Debian Linux Virtualization Host +3
NVD
CVSS 3.0
5.5
EPSS
0.5%
CVE-2018-2425 MEDIUM This Month

Under certain conditions, SAP Business One, 9.2, 9.3, for SAP HANA backup service allows an attacker to access information which would otherwise be restricted. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure SAP Business One
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2018-10470 MEDIUM This Month

Little Snitch versions 4.0 to 4.0.6 use the SecStaticCodeCheckValidityWithErrors() function without the kSecCSCheckAllArchitectures flag and therefore do not validate all architectures stored in a. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Jwt Attack Information Disclosure Little Snitch
NVD
CVSS 3.1
5.3
EPSS
0.6%
CVE-2018-2428 MEDIUM This Month

Under certain conditions SAP UI5 Handler allows an attacker to access information which would otherwise be restricted. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure SAP Infrastructure Ui
NVD
CVSS 3.0
5.3
EPSS
1.8%
CVE-2018-12227 MEDIUM PATCH This Month

An issue was discovered in Asterisk Open Source 13.x before 13.21.1, 14.x before 14.7.7, and 15.x before 15.4.1 and Certified Asterisk 13.18-cert before 13.18-cert4 and 13.21-cert before 13.21-cert2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Asterisk Certified Asterisk Debian Linux
NVD
CVSS 3.0
5.3
EPSS
3.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy