Skip to main content
CVE-2018-14418 CRITICAL POC Act Now

In Msvod Cms v10, SQL Injection exists via an images/lists?cid= URI. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Msvod Cms
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
9.1%
CVE-2018-14460 HIGH POC This Week

An issue was discovered in the HDF HDF5 1.8.20 library. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Hdf5
NVD GitHub
CVSS 3.0
8.8
EPSS
1.6%
CVE-2018-14459 HIGH POC This Week

An issue was discovered in libgig 4.1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Libgig
NVD GitHub
CVSS 3.0
8.8
EPSS
1.5%
CVE-2018-14458 HIGH POC This Week

An issue was discovered in libgig 4.1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Libgig
NVD GitHub
CVSS 3.0
8.8
EPSS
1.1%
CVE-2018-14457 HIGH POC This Week

An issue was discovered in libgig 4.1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Libgig
NVD GitHub
CVSS 3.0
8.8
EPSS
1.2%
CVE-2018-14456 HIGH POC This Week

An issue was discovered in libgig 4.1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Libgig
NVD GitHub
CVSS 3.0
8.8
EPSS
1.2%
CVE-2018-14455 HIGH POC This Week

An issue was discovered in libgig 4.1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Libgig
NVD GitHub
CVSS 3.0
8.8
EPSS
1.2%
CVE-2018-14454 HIGH POC This Week

An issue was discovered in libgig 4.1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Libgig
NVD GitHub
CVSS 3.0
8.8
EPSS
1.2%
CVE-2018-14453 HIGH POC This Week

An issue was discovered in libgig 4.1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Libgig
NVD GitHub
CVSS 3.0
8.8
EPSS
1.1%
CVE-2018-14452 HIGH POC This Week

An issue was discovered in libgig 4.1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Libgig
NVD GitHub
CVSS 3.0
8.8
EPSS
1.2%
CVE-2018-14451 HIGH POC This Week

An issue was discovered in libgig 4.1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Libgig
NVD GitHub
CVSS 3.0
8.8
EPSS
1.1%
CVE-2018-14450 HIGH POC This Week

An issue was discovered in libgig 4.1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Libgig
NVD GitHub
CVSS 3.0
8.8
EPSS
1.2%
CVE-2018-14449 HIGH POC This Week

An issue was discovered in libgig 4.1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Libgig
NVD GitHub
CVSS 3.0
8.8
EPSS
1.2%
CVE-2018-14447 HIGH POC This Week

trim_whitespace in lexer.l in libConfuse v3.2.1 has an out-of-bounds read. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Libconfuse Debian Linux
NVD GitHub
CVSS 3.0
8.8
EPSS
1.8%
CVE-2018-14420 HIGH POC This Week

MetInfo 6.0.0 allows a CSRF attack to add a user account via a doaddsave action to admin/index.php, as demonstrated by an admin/index.php?anyid=47&n=admin&c=admin_admin&a=doaddsave URI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Metinfo
NVD GitHub
CVSS 3.0
8.8
EPSS
0.5%
CVE-2018-14439 HIGH POC This Week

espritblock eos4j, an unofficial SDK for EOS, through 2018-07-12 mishandles floating-point numbers with more than four digits after the decimal point, which might allow attackers to trigger currency. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Eos4J
NVD GitHub
CVSS 3.0
7.5
EPSS
1.0%
CVE-2018-14472 HIGH POC This Week

An issue was discovered in WUZHI CMS 4.1.0. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Wuzhicms
NVD GitHub
CVSS 3.0
7.2
EPSS
1.8%
CVE-2018-14448 MEDIUM POC This Month

Codec::parse in track.cpp in Untrunc through 2018-06-07 has a NULL pointer dereference via a crafted MP4 file because of improper interaction with libav. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Untrunc
NVD GitHub
CVSS 3.0
6.5
EPSS
1.2%
CVE-2018-14445 MEDIUM POC This Month

In Bento4 v1.5.1-624, AP4_File::ParseStream in Ap4File.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Bento4
NVD GitHub
CVSS 3.0
6.5
EPSS
1.4%
CVE-2018-14437 MEDIUM POC This Month

ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imagemagick Ubuntu Linux
NVD GitHub
CVSS 3.0
6.5
EPSS
2.1%
CVE-2018-14436 MEDIUM POC This Month

ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imagemagick Ubuntu Linux
NVD GitHub
CVSS 3.0
6.5
EPSS
2.1%
CVE-2018-14435 MEDIUM POC This Month

ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imagemagick Ubuntu Linux
NVD GitHub
CVSS 3.0
6.5
EPSS
2.1%
CVE-2018-14434 MEDIUM POC This Month

ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Imagemagick Ubuntu Linux
NVD GitHub
CVSS 3.0
6.5
EPSS
2.8%
CVE-2018-3771 MEDIUM POC This Month

An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Statics Server
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2018-14474 MEDIUM POC PATCH This Month

views/auth.go in Orange Forum 1.4.0 allows Open Redirection via the next parameter to /login or /signup. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Open Redirect Orange Forum
NVD GitHub
CVSS 3.0
6.1
EPSS
2.3%
CVE-2018-14422 MEDIUM POC This Month

blog/index.php in SansCMS 0.7 has XSS via the q parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Sanscms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.7%
CVE-2018-14415 MEDIUM POC This Month

An issue was discovered in idreamsoft iCMS before 7.0.10. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Icms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-5070 CRITICAL Act Now

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
25.4%
CVE-2018-5069 CRITICAL Act Now

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
25.4%
CVE-2018-5064 CRITICAL Act Now

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
25.4%
CVE-2018-5021 CRITICAL Act Now

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
8.5%
CVE-2018-5011 CRITICAL Act Now

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Use After Free Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
8.7%
CVE-2018-5009 CRITICAL Act Now

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Use After Free Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
8.7%
CVE-2018-12815 CRITICAL Act Now

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Use After Free Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
10.5%
CVE-2018-12812 CRITICAL Act Now

Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions have a Type Confusion vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
9.8
EPSS
8.8%
CVE-2018-12805 CRITICAL Act Now

Adobe Connect versions 9.7.5 and earlier have an Insecure Library Loading vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Adobe Connect
NVD
CVSS 3.0
9.8
EPSS
4.1%
CVE-2018-12804 CRITICAL Act Now

Adobe Connect versions 9.7.5 and earlier have an Authentication Bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Adobe Connect
NVD
CVSS 3.0
9.8
EPSS
11.5%
CVE-2018-12802 CRITICAL Act Now

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Security Bypass vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
9.8
EPSS
8.8%
CVE-2018-12798 CRITICAL Act Now

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
13.5%
CVE-2018-12792 CRITICAL Act Now

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Use After Free Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
8.7%
CVE-2018-12791 CRITICAL Act Now

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Use After Free Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
8.7%
CVE-2018-12787 CRITICAL Act Now

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
8.5%
CVE-2018-12785 CRITICAL Act Now

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
10.9%
CVE-2018-12784 CRITICAL Act Now

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Buffer Errors vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Buffer Overflow Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
9.8
EPSS
9.6%
CVE-2018-12782 CRITICAL Act Now

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Double Free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
9.8
EPSS
11.2%
CVE-2018-12760 CRITICAL Act Now

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
8.5%
CVE-2018-12758 CRITICAL Act Now

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
8.5%
CVE-2018-12756 CRITICAL Act Now

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Use After Free Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
8.8%
CVE-2018-12755 CRITICAL PATCH Act Now

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
25.3%
CVE-2018-12754 CRITICAL PATCH Act Now

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
9.8
EPSS
25.3%
Page 1 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy