Skip to main content
CVE-2018-0573 MEDIUM PATCH This Month

baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers to bypass access restriction for a content to view a file which is uploaded by a site. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Basercms
NVD
CVSS 3.0
5.3
EPSS
1.1%
CVE-2018-4861 MEDIUM This Month

A vulnerability has been identified in SCALANCE M875 (All versions). Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Siemens Path Traversal Scalance M875 Firmware
NVD
CVSS 3.0
4.9
EPSS
1.9%
CVE-2018-11448 MEDIUM This Month

A vulnerability has been identified in SCALANCE M875 (All versions). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

CSRF XSS Siemens Scalance M875 Firmware
NVD
CVSS 3.0
4.8
EPSS
0.3%
CVE-2018-1000532 MEDIUM This Month

beep version 1.3 and up contains a External Control of File Name or Path vulnerability in --device option that can result in Local unprivileged user can inhibit execution of arbitrary programs by. Rated medium severity (CVSS 4.7). No vendor patch available.

Path Traversal Beep
NVD GitHub
CVSS 3.0
4.7
EPSS
0.4%
CVE-2018-1000503 MEDIUM This Month

MyBB Group MyBB contains a Incorrect Access Control vulnerability in Private forums that can result in Users can view posts from private forums without having the password. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Mybb
NVD
CVSS 3.0
4.3
EPSS
0.6%
CVE-2018-0571 MEDIUM PATCH This Month

baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers with a site operator privilege to upload arbitrary files. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload Basercms
NVD
CVSS 3.0
4.3
EPSS
1.1%
CVE-2018-0566 MEDIUM This Month

Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to bypass authentication to obtain the schedules without access privilege via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Office
NVD
CVSS 3.0
4.3
EPSS
0.9%
CVE-2018-0529 MEDIUM This Month

Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to cause a denial of service via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Denial Of Service Office
NVD
CVSS 3.0
4.3
EPSS
1.1%
CVE-2018-0528 MEDIUM This Month

Cybozu Office 10.0.0 to 10.7.0 allows authenticated attackers to bypass authentication to view the schedules that are not permitted to access via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Office
NVD
CVSS 3.0
4.3
EPSS
0.9%
CVE-2018-0526 MEDIUM This Month

Cybozu Office 10.0.0 to 10.7.0 allow remote attackers to display an image located in an external server via unspecified vectors. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Office
NVD
CVSS 3.0
4.3
EPSS
1.0%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy