Skip to main content
CVE-2018-12503 CRITICAL Act Now

tinyexr 0.9.5 has a heap-based buffer over-read in LoadEXRImageFromMemory in tinyexr.h. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Tinyexr
NVD GitHub
CVSS 3.0
9.8
EPSS
1.8%
CVE-2018-11221 CRITICAL Act Now

Unauthenticated untrusted file upload in Artica Pandora FMS through version 7.23 allows an attacker to upload an arbitrary plugin via include/ajax/update_manager.ajax in the update system. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Pandora Fms
NVD
CVSS 3.0
9.8
EPSS
5.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy