Skip to main content
CVE-2018-13790 HIGH POC This Week

A Server Side Request Forgery (SSRF) vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on the local network and mapping of the internal network, because of URL. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SSRF PHP Concrete Cms
NVD
CVSS 3.1
7.2
EPSS
1.0%
CVE-2018-6831 HIGH POC This Week

The setSystemTime function in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection C1 Lite Firmware C1 Firmware Fi9800P Firmware Fi9821Ep Firmware +28
NVD
CVSS 3.0
7.2
EPSS
4.5%
CVE-2018-11450 MEDIUM POC This Month

A reflected Cross-Site-Scripting (XSS) vulnerability has been identified in Siemens PLM Software TEAMCENTER (V9.1.2.5). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Siemens Teamcenter Product Lifecycle Management
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-13256 MEDIUM POC This Month

PHP Scripts Mall Auditor Website 2.0.1 has XSS via the lastname or firstname parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Auditor Website Project
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
1.0%
CVE-2018-13794 CRITICAL Act Now

A heap-based buffer overflow exists in stbi__bmp_load_cont in stb_image.h in catimg 2.4.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Catimg
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
CVE-2018-13791 CRITICAL Act Now

The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows an attacker to conduct Access Control attacks via the /FlexiCapture12/Login/Server/SevaUserProfile FlexiCaptureTmsSts2 parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Flexicapture
NVD
CVSS 3.0
9.8
EPSS
1.1%
CVE-2018-1000620 CRITICAL PATCH Act Now

Eran Hammer cryptiles version 4.1.1 earlier contains a CWE-331: Insufficient Entropy vulnerability in randomDigits() method that can result in An attacker is more likely to be able to brute force. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Cryptiles
NVD GitHub
CVSS 3.1
9.8
EPSS
1.7%
CVE-2018-1000618 CRITICAL Act Now

EOSIO/eos eos version after commit f1545dd0ae2b77580c2236fdb70ae7138d2c7168 contains a stack overflow vulnerability in abi_serializer that can result in attack eos network node. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Eos
NVD GitHub
CVSS 3.0
9.8
EPSS
1.5%
CVE-2018-1000613 CRITICAL PATCH Act Now

Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Java Deserialization Bc Java Oncommand Workflow Automation Leap +21
NVD GitHub
CVSS 3.1
9.8
EPSS
4.8%
CVE-2018-4996 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Adobe RCE Use After Free Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
9.2%
CVE-2018-4995 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an XFA '\n' POST injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
9.8
EPSS
8.0%
CVE-2018-4989 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Adobe RCE Use After Free Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
12.1%
CVE-2018-4988 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Adobe RCE Use After Free Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
12.1%
CVE-2018-4987 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Untrusted pointer dereference vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Adobe Denial Of Service RCE Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
13.9%
CVE-2018-4984 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
16.0%
CVE-2018-4983 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Adobe RCE Use After Free Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
12.1%
CVE-2018-4978 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
16.0%
CVE-2018-4977 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Adobe RCE Use After Free Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
12.1%
CVE-2018-4968 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
16.0%
CVE-2018-4966 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
16.0%
CVE-2018-4961 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Adobe RCE Use After Free Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
12.1%
CVE-2018-4959 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Adobe RCE Use After Free Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
12.1%
CVE-2018-4958 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Adobe RCE Use After Free Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
12.1%
CVE-2018-4950 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds write vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
11.1%
CVE-2018-4948 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
16.0%
CVE-2018-4947 CRITICAL PATCH Act Now

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
16.0%
CVE-2018-11542 CRITICAL Act Now

A Remote Command Execution (RCE) vulnerability in the Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web interface allows for the execution of arbitrary commands via an unspecified vector. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sonus Sbc 1000 Firmware Sonus Sbc 2000 Firmware Sbc Swe Lite Firmware
NVD GitHub
CVSS 3.0
9.8
EPSS
3.4%
CVE-2018-11541 CRITICAL Act Now

A root privilege escalation vulnerability in the Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web interface allows unauthorised access to privileged content via an unspecified vector. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Privilege Escalation Sonus Sbc 1000 Firmware Sonus Sbc 2000 Firmware Sbc Swe Lite Web
NVD GitHub
CVSS 3.0
9.8
EPSS
1.8%
CVE-2018-13793 HIGH This Week

Multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 exist in Web Verification, Web Scanning, Web Capture, Monitoring and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Flexicapture
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2018-1000619 HIGH This Week

Ovidentia version 8.4.3 and earlier contains a Unsanitized User Input vulnerability in utilit.php, bab_getAddonFilePathfromTg that can result in Authenticated Remote Code Execution. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

File Upload RCE PHP Ovidentia
NVD
CVSS 3.0
8.8
EPSS
2.3%
CVE-2018-4998 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, and 2015.006.30394 and earlier have a Memory corruption vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Adobe RCE Buffer Overflow Acrobat Acrobat Dc +2
NVD
CVSS 3.0
8.8
EPSS
8.6%
CVE-2018-4997 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, and 2015.006.30394 and earlier have an Out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Memory Corruption Adobe RCE Buffer Overflow Acrobat +3
NVD
CVSS 3.0
8.8
EPSS
8.5%
CVE-2018-4990 HIGH KEV THREAT This Week

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Double Free vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.1
8.8
EPSS
40.5%
CVE-2018-4982 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
8.8
EPSS
32.0%
CVE-2018-4980 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Adobe RCE Use After Free Acrobat Dc +1
NVD
CVSS 3.0
8.8
EPSS
9.9%
CVE-2018-4974 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Adobe RCE Use After Free Acrobat Dc +1
NVD
CVSS 3.0
8.8
EPSS
9.9%
CVE-2018-4971 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Adobe RCE Use After Free Acrobat Dc +1
NVD
CVSS 3.0
8.8
EPSS
9.9%
CVE-2018-4954 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Adobe RCE Use After Free Acrobat Dc +1
NVD
CVSS 3.0
8.8
EPSS
10.2%
CVE-2018-4953 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Type Confusion vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Adobe RCE Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
8.8
EPSS
10.2%
CVE-2018-4952 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Adobe RCE Use After Free Acrobat Dc +1
NVD
CVSS 3.0
8.8
EPSS
10.2%
CVE-2018-4946 HIGH This Week

Adobe Photoshop CC versions 19.1.3 and earlier, 18.1.3 and earlier, and 18.1.2 and earlier have an Out-of-bounds write vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Photoshop Cc
NVD
CVSS 3.0
8.8
EPSS
8.1%
CVE-2018-4945 HIGH PATCH This Week

Adobe Flash Player versions 29.0.0.171 and earlier have a Type Confusion vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Adobe RCE Flash Player Desktop Runtime Flash Player Enterprise Linux Desktop +2
NVD
CVSS 3.0
8.8
EPSS
6.8%
CVE-2018-6967 HIGH This Week

VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

VMware Information Disclosure Buffer Overflow Fusion Workstation +1
NVD
CVSS 3.1
8.1
EPSS
2.3%
CVE-2018-6966 HIGH This Week

VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

VMware Information Disclosure Buffer Overflow Fusion Workstation +1
NVD
CVSS 3.1
8.1
EPSS
2.3%
CVE-2018-6965 HIGH This Week

VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

VMware Information Disclosure Buffer Overflow Workstation ESXi +1
NVD
CVSS 3.1
8.1
EPSS
3.0%
CVE-2018-1000622 HIGH This Week

The Rust Programming Language rustdoc version Between 0.8 and 1.27.0 contains a CWE-427: Uncontrolled Search Path Element vulnerability in rustdoc plugins that can result in local code execution as a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Rust
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2018-5002 HIGH KEV PATCH THREAT This Week

Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Adobe RCE Buffer Overflow Flash Player Desktop Runtime +4
NVD GitHub
CVSS 3.1
7.8
EPSS
25.4%
CVE-2018-4858 HIGH This Week

A vulnerability has been identified in IEC 61850 system configurator (All versions < V5.80), DIGSI 5 (affected as IEC 61850 system configurator is incorporated) (All versions < V7.80), DIGSI 4 (All. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft RCE Siemens Ec 61850 System Configurator Firmware +5
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2018-1000404 HIGH PATCH This Week

Jenkins project Jenkins AWS CodeBuild Plugin version 0.26 and earlier contains a Insufficiently Protected Credentials vulnerability in AWSClientFactory.java, CodeBuilder.java that can result in. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Java Jenkins Information Disclosure Aws Codebuild
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-1000403 HIGH PATCH This Week

Jenkins project Jenkins AWS CodeDeploy Plugin version 1.19 and earlier contains a Insufficiently Protected Credentials vulnerability in AWSCodeDeployPublisher.java that can result in Credentials. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Java Jenkins Information Disclosure Aws Codedeploy
NVD
CVSS 3.0
7.8
EPSS
0.3%
Prev Page 6 of 9 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy