Skip to main content
CVE-2018-12632 MEDIUM POC This Month

Redatam7 (formerly Redatam WebServer) allows remote attackers to discover the installation path via an invalid LFN parameter to the /redbin/rpwebutilities.exe/text URI. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Redatam
NVD Exploit-DB
CVSS 3.0
5.3
EPSS
1.4%
CVE-2018-0371 MEDIUM This Month

A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Meeting Server
NVD
CVSS 3.0
6.5
EPSS
3.2%
CVE-2018-0331 MEDIUM This Month

A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated,. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os Firepower Extensible Operating System Fxos
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2018-0299 MEDIUM This Month

A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco NX-OS on the Cisco Nexus 4000 Series Switch could allow an authenticated, remote attacker to cause the device to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Cisco Nx Os
NVD
CVSS 3.0
6.5
EPSS
2.0%
CVE-2018-12581 MEDIUM PATCH This Month

An issue was discovered in js/designer/move.js in phpMyAdmin before 4.8.2. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Phpmyadmin
NVD
CVSS 3.0
6.1
EPSS
1.8%
CVE-2018-7680 MEDIUM This Month

Micro Focus Solutions Business Manager versions prior to 11.4 can reflect back HTTP header values. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Solutions Business Manager
NVD
CVSS 3.0
6.1
EPSS
0.6%
CVE-2018-1254 MEDIUM This Month

RSA Authentication Manager Security Console, versions 8.3 P1 and earlier, contains a reflected cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Rsa Authentication Manager
NVD
CVSS 3.0
6.1
EPSS
2.0%
CVE-2018-1253 MEDIUM This Month

RSA Authentication Manager Operation Console, versions 8.3 P1 and earlier, contains a stored cross-site scripting vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Rsa Authentication Manager
NVD
CVSS 3.1
6.1
EPSS
1.5%
CVE-2018-3665 MEDIUM This Month

System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a. Rated medium severity (CVSS 5.6). No vendor patch available.

Intel Information Disclosure Core I3 Core I5 Core I7 +11
NVD
CVSS 3.1
5.6
EPSS
0.6%
CVE-2018-0373 MEDIUM This Month

A vulnerability in vpnva-6.sys for 32-bit Windows and vpnva64-6.sys for 64-bit Windows of Cisco AnyConnect Secure Mobility Client for Windows Desktop could allow an authenticated, local attacker to. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Microsoft Denial Of Service Cisco Anyconnect Secure Mobility Client
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2018-0359 MEDIUM This Month

A vulnerability in the session identification management functionality of the web-based management interface for Cisco Meeting Server could allow an unauthenticated, local attacker to hijack a valid. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Session Fixation Information Disclosure Cisco Meeting Server
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2018-12615 MEDIUM PATCH This Month

An issue was discovered in switchGroup() in agent/ExecHelper/ExecHelperMain.cpp in Phusion Passenger before 5.3.2. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

Information Disclosure Passenger
NVD GitHub
CVSS 3.0
5.3
EPSS
1.2%
CVE-2018-7681 MEDIUM This Month

Micro Focus Solutions Business Manager versions prior to 11.4 allows JavaScript to be embedded in URLs placed in "Favorites" folder. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Solutions Business Manager
NVD
CVSS 3.0
4.8
EPSS
0.5%
CVE-2018-0362 MEDIUM This Month

A vulnerability in BIOS authentication management of Cisco 5000 Series Enterprise Network Compute System and Cisco Unified Computing (UCS) E-Series Servers could allow an unauthenticated, local. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco 5400 Enterprise Network Compute System Firmware 5100 Enterprise Network Compute System Firmware Ucs E160S M3 Firmware +18
NVD
CVSS 3.0
4.3
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy