Skip to main content
CVE-2018-14326 HIGH POC This Week

In MP4v2 2.0.0, there is an integer overflow (with resultant memory corruption) when resizing MP4Array for the ftyp atom in mp4array.h. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Mp4V2
NVD GitHub
CVSS 3.0
8.8
EPSS
1.9%
CVE-2018-14325 HIGH POC This Week

In MP4v2 2.0.0, there is an integer underflow (with resultant memory corruption) when parsing MP4Atom in mp4atom.cpp. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Mp4V2
NVD GitHub
CVSS 3.0
8.8
EPSS
2.0%
CVE-2018-14089 HIGH POC This Week

An issue was discovered in a smart contract implementation for Virgo_ZodiacToken, an Ethereum token. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Virgo Zodiactoken
NVD GitHub
CVSS 3.0
7.5
EPSS
0.9%
CVE-2018-14085 HIGH POC This Week

An issue was discovered in a smart contract implementation for UserWallet 0x0a7bca9FB7AfF26c6ED8029BB6f0F5D291587c42, an Ethereum token. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Userwallet
NVD GitHub
CVSS 3.0
7.5
EPSS
0.9%
CVE-2018-0341 HIGH This Week

A vulnerability in the web-based UI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware before 11.2(1) could allow an authenticated, remote attacker to perform a command. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Command Injection Ip Phone Multiplatform Firmware
NVD
CVSS 3.0
8.8
EPSS
5.9%
CVE-2018-0383 HIGH This Week

A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the transfer of files to. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cisco Secure Firewall Management Center
NVD
CVSS 3.0
8.6
EPSS
3.0%
CVE-2018-0369 HIGH This Week

A vulnerability in the reassembly logic for fragmented IPv4 packets of Cisco StarOS running on virtual platforms could allow an unauthenticated, remote attacker to trigger a reload of the npusim. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Staros
NVD
CVSS 3.0
8.6
EPSS
2.3%
CVE-2018-1046 HIGH PATCH This Week

pdns before version 4.1.2 is vulnerable to a buffer overflow in dnsreplay. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Buffer Overflow Stack Overflow Pdns
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2018-0368 HIGH This Week

A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an authenticated, local attacker to access sensitive information on an affected system. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Cisco Application Policy Infrastructure Controller Enterprise Module
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-10857 HIGH This Week

git-annex is vulnerable to a private data exposure and exfiltration attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Git Annex Debian Linux
NVD
CVSS 3.0
7.5
EPSS
1.5%
CVE-2018-10859 HIGH This Week

git-annex is vulnerable to an Information Exposure when decrypting files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Git Annex Debian Linux
NVD
CVSS 3.0
7.5
EPSS
1.4%
CVE-2018-0385 HIGH This Week

A vulnerability in the detection engine parsing of Security Socket Layer (SSL) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Cisco Secure Firewall Management Center
NVD
CVSS 3.1
7.5
EPSS
2.3%
CVE-2018-0370 HIGH This Week

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause one of the detection engine processes to run out of memory and thus. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cisco Secure Firewall Management Center
NVD
CVSS 3.0
7.5
EPSS
2.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy