Skip to main content
CVE-2018-12699 CRITICAL POC Act Now

finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Buffer Overflow Binutils Ubuntu Linux
NVD
CVSS 3.0
9.8
EPSS
4.5%
CVE-2018-12640 CRITICAL POC Act Now

The webService binary on Insteon HD IP Camera White 2864-222 devices has a Buffer Overflow via a crafted pid, pwd, or usr key in a GET request on port 34100. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow 2864 222 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2018-11560 CRITICAL POC Act Now

The webService binary on Insteon HD IP Camera White 2864-222 devices has a stack-based Buffer Overflow leading to Control-Flow Hijacking via a crafted usr key, as demonstrated by a long remoteIp. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow 2864 222 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
1.6%
CVE-2018-12692 HIGH POC THREAT This Week

TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the wps_setup_pin parameter to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

TP-Link Command Injection Tl Wa850Re Firmware
NVD Exploit-DB
CVSS 3.0
8.8
EPSS
29.1%
CVE-2018-12698 HIGH POC This Week

demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Binutils Ubuntu Linux
NVD
CVSS 3.0
7.5
EPSS
6.7%
CVE-2018-12697 HIGH POC This Week

A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Binutils Ubuntu Linux
NVD
CVSS 3.0
7.5
EPSS
5.2%
CVE-2018-12694 HIGH POC This Week

TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote attackers to cause a denial of service (reboot) via data/reboot.json. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service TP-Link Tl Wa850Re Firmware
NVD
CVSS 3.0
7.5
EPSS
1.5%
CVE-2018-12693 MEDIUM POC THREAT This Month

Stack-based buffer overflow in TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote authenticated users to cause a denial of service (outage) via a long type parameter to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Buffer Overflow TP-Link Tl Wa850Re Firmware
NVD
CVSS 3.0
6.5
EPSS
15.8%
CVE-2018-12696 MEDIUM This Month

mao10cms 6 allows XSS via the article page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Mao10Cms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.7%
CVE-2018-12695 MEDIUM This Month

mao10cms 6 allows XSS via the m=bbs&a=index page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Mao10Cms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy