Skip to main content
CVE-2018-14014 HIGH POC This Week

In waimai Super Cms 20150505, there is a CSRF vulnerability that can add an admin account via admin.php?m=Member&a=adminadd. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Super Cms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.5%
CVE-2018-12980 HIGH POC THREAT This Week

An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload 762 3000 Firmware 762 3001 Firmware 762 3002 Firmware 762 3003 Firmware
NVD Exploit-DB
CVSS 3.1
8.8
EPSS
30.1%
CVE-2018-12540 HIGH POC PATCH This Week

In version from 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler do not assert that the XSRF Cookie matches the returned XSRF header/form parameter. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Vert X
NVD
CVSS 3.0
8.8
EPSS
2.0%
CVE-2018-14006 HIGH POC This Week

An integer overflow vulnerability exists in the function multipleTransfer of Neo Genesis Token (NGT), an Ethereum token smart contract. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Ngtoken
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2018-14005 HIGH POC This Week

An integer overflow vulnerability exists in the function transferAny of Malaysia coins (Xmc), an Ethereum token smart contract. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Malaysiancoin
NVD GitHub
CVSS 3.1
7.5
EPSS
0.9%
CVE-2018-14004 HIGH POC This Week

An integer overflow vulnerability exists in the function transfer_tokens_after_ICO of GlobeCoin (GLB), an Ethereum token smart contract. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Globecoin
NVD GitHub
CVSS 3.0
7.5
EPSS
0.9%
CVE-2018-14003 HIGH POC This Week

An integer overflow vulnerability exists in the function batchTransfer of WeMediaChain (WMC), an Ethereum token smart contract. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Wmctoken
NVD GitHub
CVSS 3.1
7.5
EPSS
1.2%
CVE-2018-14002 HIGH POC This Week

An integer overflow vulnerability exists in the function distribute of MP3 Coin (MP3), an Ethereum token smart contract. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Mp3 Coin
NVD GitHub
CVSS 3.0
7.5
EPSS
1.2%
CVE-2018-14001 HIGH POC This Week

An integer overflow vulnerability exists in the function batchTransfer of SHARKTECH (SKT), an Ethereum token smart contract. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Sharktech
NVD GitHub
CVSS 3.0
7.5
EPSS
1.2%
CVE-2018-13836 HIGH POC This Week

An integer overflow vulnerability exists in the function multiTransfer of Rocket Coin (XRC), an Ethereum token smart contract. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Rocket Coin
NVD GitHub
CVSS 3.0
7.5
EPSS
1.2%
CVE-2018-13997 HIGH POC This Week

Genann through 2018-07-08 has a SEGV in genann_run in genann.c. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Genann
NVD GitHub
CVSS 3.0
7.5
EPSS
1.5%
CVE-2018-10895 HIGH PATCH This Week

qutebrowser before version 1.4.1 is vulnerable to a cross-site request forgery flaw that allows websites to access 'qute://*' URLs. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF RCE Qutebrowser
NVD GitHub
CVSS 3.0
8.8
EPSS
1.2%
CVE-2018-5529 HIGH This Week

The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Big Ip Access Policy Manager Big Ip Edge
NVD GitHub
CVSS 3.0
7.8
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy