Skip to main content
CVE-2018-12896 MEDIUM POC PATCH This Month

An issue was discovered in the Linux kernel through 4.17.3. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available.

Integer Overflow Denial Of Service Linux Linux Kernel Debian Linux +1
NVD GitHub
CVSS 3.0
5.5
EPSS
0.6%
CVE-2018-12893 MEDIUM PATCH This Month

An issue was discovered in Xen through 4.10.x. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Xen Debian Linux
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2018-12891 MEDIUM PATCH This Month

An issue was discovered in Xen through 4.10.x. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity.

Denial Of Service Debian Linux Xen
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2018-10076 MEDIUM This Month

An issue was discovered in Zoho ManageEngine EventLog Analyzer 11.12. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Zoho XSS Manageengine Eventlog Analyzer
NVD
CVSS 3.0
6.1
EPSS
1.3%
CVE-2018-10075 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Zoho ManageEngine EventLog Analyzer 11.12 allows remote attackers to inject arbitrary web script or HTML via the import logs feature. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Zoho XSS Manageengine Eventlog Analyzer
NVD
CVSS 3.0
6.1
EPSS
1.3%
CVE-2018-0499 MEDIUM PATCH This Month

A cross-site scripting vulnerability in queryparser/termgenerator_internal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet(). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Xapian Core Ubuntu Linux
NVD
CVSS 3.0
6.1
EPSS
1.5%
CVE-2018-1249 MEDIUM This Month

Dell EMC iDRAC9 versions prior to 3.21.21.21 did not enforce the use of TLS/SSL for a connection to iDRAC web server for certain URLs. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Dell Information Disclosure Idrac9 Firmware
NVD
CVSS 3.0
5.9
EPSS
0.9%
CVE-2018-12576 MEDIUM This Month

TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS TP-Link Tl Wr841n Firmware
NVD
CVSS 3.0
4.3
EPSS
0.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy