Skip to main content
CVE-2018-12464 CRITICAL POC THREAT Emergency

A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows an unauthenticated remote attacker to execute arbitrary SQL statements. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi RCE Secure Messaging Gateway
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
80.5%
CVE-2018-13011 CRITICAL POC Act Now

An issue was discovered in gpmf-parser 1.1.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Gpmf Parser
NVD GitHub
CVSS 3.0
9.8
EPSS
1.8%
CVE-2018-13009 CRITICAL POC Act Now

An issue was discovered in gpmf-parser 1.1.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Gpmf Parser
NVD GitHub
CVSS 3.0
9.8
EPSS
1.8%
CVE-2018-13008 CRITICAL POC Act Now

An issue was discovered in gpmf-parser 1.1.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Gpmf Parser
NVD GitHub
CVSS 3.0
9.8
EPSS
1.8%
CVE-2018-13007 CRITICAL POC Act Now

An issue was discovered in gpmf-parser 1.1.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Gpmf Parser
NVD GitHub
CVSS 3.0
9.8
EPSS
1.8%
CVE-2018-13005 CRITICAL POC Act Now

An issue was discovered in MP4Box in GPAC 0.7.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Debian Linux Gpac Ubuntu Linux
NVD GitHub
CVSS 3.0
9.8
EPSS
2.5%
CVE-2018-12993 CRITICAL POC Act Now

onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to conduct brute-force attacks via the onefilecms_username and onefilecms_password fields. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Onefilecms
NVD GitHub
CVSS 3.0
9.8
EPSS
1.2%
CVE-2018-12984 CRITICAL POC Act Now

Hycus CMS 1.0.4 allows Authentication Bypass via "'=' 'OR'" credentials. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Hycus Cms
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
2.6%
CVE-2018-13006 CRITICAL PATCH Act Now

An issue was discovered in MP4Box in GPAC 0.7.1. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Debian Linux Gpac Ubuntu Linux
NVD GitHub
CVSS 3.0
9.8
EPSS
2.3%
CVE-2018-12972 CRITICAL Act Now

An issue was discovered in OpenTSDB 2.3.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Command Injection Opentsdb
NVD GitHub
CVSS 3.0
9.8
EPSS
2.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy