Skip to main content
CVE-2018-12578 CRITICAL POC Act Now

There is a heap-based buffer overflow in bmp_compress1_row in appliers.cpp in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Buffer Overflow Sam2P
NVD GitHub
CVSS 3.0
9.8
EPSS
2.1%
CVE-2018-6210 CRITICAL Act Now

D-Link DIR-620 devices, with a certain Rostelekom variant of firmware 1.0.37, have a hardcoded rostel account, which makes it easier for remote attackers to obtain access via a TELNET session. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass D-Link Dir 620 Firmware
NVD
CVSS 3.1
9.8
EPSS
3.1%
CVE-2018-12562 CRITICAL PATCH Act Now

An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Code Injection Cantata
NVD GitHub
CVSS 3.0
9.8
EPSS
1.7%
CVE-2018-12557 CRITICAL PATCH Act Now

An issue was discovered in Zuul 3.x before 3.1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Zuul
NVD
CVSS 3.0
9.8
EPSS
1.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy