Skip to main content
CVE-2018-12613 HIGH POC PATCH THREAT Act Now

An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass RCE Phpmyadmin
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
98.5%
CVE-2018-12631 HIGH POC This Week

Redatam7 (formerly Redatam WebServer) allows remote attackers to read arbitrary files via /redbin/rpwebutilities.exe/text?LFN=../ directory traversal. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Redatam
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
3.3%
CVE-2018-12617 HIGH POC PATCH THREAT This Week

qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Integer Overflow Buffer Overflow Qemu Ubuntu Linux Debian Linux
NVD GitHub Exploit-DB
CVSS 3.1
7.5
EPSS
25.3%
CVE-2018-0365 HIGH This Week

A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Cisco Secure Firewall Management Center Firepower Appliance 8360 Firmware Firepower Management Center 2500 Firmware +29
NVD
CVSS 3.0
8.8
EPSS
0.9%
CVE-2018-0364 HIGH This Week

A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Cisco Unified Communications Domain Manager
NVD
CVSS 3.0
8.8
EPSS
0.9%
CVE-2018-0363 HIGH This Week

A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service (formerly CUPS) could allow an unauthenticated, remote attacker to conduct a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Cisco Unified Communications Manager Im And Presence Service
NVD
CVSS 3.0
8.8
EPSS
1.2%
CVE-2018-0313 HIGH This Week

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to send a malicious packet to the management interface on an affected system and execute a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Cisco Nx Os
NVD
CVSS 3.1
8.8
EPSS
4.0%
CVE-2018-0303 HIGH This Week

A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service RCE Buffer Overflow Cisco Nx Os +1
NVD
CVSS 3.0
8.8
EPSS
1.1%
CVE-2018-0305 HIGH This Week

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Cisco Nexus 7000 Firmware Nexus 5000 Firmware +3
NVD
CVSS 3.0
8.6
EPSS
2.3%
CVE-2018-0337 HIGH This Week

A vulnerability in the role-based access-checking mechanisms of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on an affected device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Nx Os
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2018-0306 HIGH This Week

A vulnerability in the CLI parser of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Code Injection Cisco Nx Os
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2018-0302 HIGH This Week

A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Buffer Overflow Cisco Nx Os Firepower Extensible Operating System
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2018-0309 HIGH This Week

A vulnerability in the implementation of a specific CLI command and the associated Simple Network Management Protocol (SNMP) MIB for Cisco NX-OS (in standalone NX-OS mode) on Cisco Nexus 3000 and. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 3.0
7.7
EPSS
2.0%
CVE-2018-7683 HIGH This Week

Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Solutions Business Manager
NVD
CVSS 3.0
7.5
EPSS
1.1%
CVE-2018-0358 HIGH This Week

A vulnerability in the file descriptor handling of Cisco TelePresence Video Communication Server (VCS) Expressway could allow an unauthenticated, remote attacker to cause a denial of service (DoS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Telepresence Video Communication Server
NVD
CVSS 3.1
7.5
EPSS
3.4%
CVE-2018-0311 HIGH This Week

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Cisco Nx Os Firepower Extensible Operating System
NVD
CVSS 3.0
7.5
EPSS
2.8%
CVE-2018-0298 HIGH This Week

A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Buffer Overflow Cisco Nx Os Firepower Extensible Operating System
NVD
CVSS 3.0
7.5
EPSS
1.9%
CVE-2018-0300 HIGH This Week

A vulnerability in the process of uploading new application images to Cisco FXOS on the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Path Traversal Cisco Fxos
NVD
CVSS 3.0
7.2
EPSS
7.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy