Skip to main content
CVE-2018-14392 MEDIUM POC THREAT This Month

The New Threads plugin before 1.2 for MyBB has XSS. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS New Threads
NVD Exploit-DB
CVSS 3.0
6.1
EPSS
48.6%
CVE-2018-14332 MEDIUM POC This Month

An issue was discovered in Clementine Music Player 1.3.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Clementine
NVD GitHub
CVSS 3.0
5.5
EPSS
0.6%
CVE-2018-9062 MEDIUM PATCH This Month

In some Lenovo ThinkPad products, one BIOS region is not properly included in the checks, allowing injection of arbitrary code. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity.

Lenovo RCE E42 80 Firmware E42 80 Isk Firmware E52 80 Firmware +36
NVD
CVSS 3.1
6.8
EPSS
0.5%
CVE-2018-14404 MEDIUM PATCH This Month

A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Ubuntu Linux Debian Linux Libxml2
NVD
CVSS 3.1
6.5
EPSS
3.7%
CVE-2018-14395 MEDIUM PATCH This Month

libavformat/movenc.c in FFmpeg 3.2 and 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted audio file when converting to the. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Debian Linux Ffmpeg
NVD GitHub
CVSS 3.1
6.5
EPSS
2.0%
CVE-2018-14394 MEDIUM PATCH This Month

libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted Waveform audio file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Ffmpeg
NVD GitHub
CVSS 3.0
6.5
EPSS
1.1%
CVE-2018-1585 MEDIUM PATCH This Month

IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Rhapsody Design Manager Rational Software Architect Design Manager
NVD
CVSS 3.0
5.4
EPSS
0.7%
CVE-2018-1536 MEDIUM PATCH This Month

IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Rhapsody Design Manager Rational Software Architect Design Manager
NVD
CVSS 3.0
5.4
EPSS
0.7%
CVE-2018-1535 MEDIUM PATCH This Month

IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Rhapsody Design Manager Rational Software Architect Design Manager
NVD
CVSS 3.0
5.4
EPSS
0.7%
CVE-2018-1529 MEDIUM PATCH This Month

IBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0.5 and IBM Rational Requirements Composer 5.0 through 5.0.2 are vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Rational Requirements Composer Rational Doors Next Generation
NVD
CVSS 3.0
5.4
EPSS
1.0%
CVE-2018-5532 MEDIUM This Month

On F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 a domain name cached within the DNS Cache of TMM may continue to be resolved by the cache even after the parent server revokes. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Big Ip Local Traffic Manager Big Ip Application Acceleration Manager Big Ip Advanced Firewall Manager Big Ip Analytics +9
NVD
CVSS 3.0
5.3
EPSS
1.2%
CVE-2018-5540 MEDIUM This Month

On F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or 11.5.1-11.5.6, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.1.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Big Ip Domain Name System Big Ip Global Traffic Manager Enterprise Manager Big Iq Centralized Management +2
NVD
CVSS 3.0
4.4
EPSS
0.4%
CVE-2018-1587 MEDIUM PATCH This Month

IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 could reveal technical error. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Rational Rhapsody Design Manager Rational Software Architect Design Manager
NVD
CVSS 3.0
4.3
EPSS
1.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy