Skip to main content
CVE-2018-12584 CRITICAL POC PATCH THREAT Act Now

The ConnectionBase::preparseNewBytes function in resip/stack/ConnectionBase.cxx in reSIProcate through 1.10.2 allows remote attackers to cause a denial of service (buffer overflow) or possibly. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service RCE Buffer Overflow Resiprocate Debian Linux
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
24.6%
CVE-2018-13981 CRITICAL POC THREAT Act Now

The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated remote code execution due to a default component that permits arbitrary upload of PHP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload RCE PHP Zeta Producer Desktop Cms
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
17.3%
CVE-2018-11717 CRITICAL POC Act Now

An issue was discovered in Zoho ManageEngine Desktop Central before 100251. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Zoho Information Disclosure Manageengine Desktop Central
NVD
CVSS 3.0
9.8
EPSS
8.6%
CVE-2018-11716 CRITICAL POC THREAT Act Now

An issue was discovered in Zoho ManageEngine Desktop Central before 100230. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Zoho Information Disclosure Manageengine Desktop Central
NVD
CVSS 3.0
9.8
EPSS
14.3%
CVE-2018-14071 CRITICAL POC PATCH Act Now

The Geo Mashup plugin before 1.10.4 for WordPress has insufficient sanitization of post editor and other user input. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

WordPress Information Disclosure Geo Mashup
NVD GitHub
CVSS 3.0
9.8
EPSS
3.1%
CVE-2018-14088 CRITICAL POC Act Now

An issue was discovered in a smart contract implementation for STeX White List (STE(WL)), an Ethereum token. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Stex White List
NVD GitHub
CVSS 3.0
9.8
EPSS
1.3%
CVE-2018-14087 CRITICAL POC Act Now

An issue was discovered in a smart contract implementation for EUC (EUC), an Ethereum token. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Encryptedtoken
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2018-14086 CRITICAL POC Act Now

An issue was discovered in a smart contract implementation for SingaporeCoinOrigin (SCO), an Ethereum token. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Mytoken
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2018-14084 CRITICAL POC Act Now

An issue was discovered in a smart contract implementation for MKCB, an Ethereum token. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Myadvancedtoken
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
CVE-2018-14324 CRITICAL Act Now

The demo feature in Oracle GlassFish Open Source Edition 5.0 has TCP port 7676 open by default with a password of admin for the admin account. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Glassfish Server
NVD GitHub
CVSS 3.0
9.8
EPSS
4.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy