Skip to main content
CVE-2018-14767 CRITICAL POC THREAT Act Now

In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with a double "To" header and an empty "To" tag causes a segmentation fault and crash. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service RCE Debian Linux Kamailio
NVD
CVSS 3.0
9.8
EPSS
29.3%
CVE-2018-10603 CRITICAL Act Now

Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior do not perform authentication of IEC-104 control commands, which may allow a rogue node a remote control of the. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Telem Gwm Firmware Telem Gw6 Firmware
NVD
CVSS 3.0
9.8
EPSS
3.4%
CVE-2018-10592 CRITICAL Act Now

Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers R4.02 and prior, FCN-RTU controllers R4.02 and prior, and FCN-500 controllers R4.02 and prior utilize hard-coded credentials that. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Fcj Firmware Fcn 100 Firmware Fcn Rtu Firmware +1
NVD
CVSS 3.0
9.8
EPSS
6.9%
CVE-2018-8027 CRITICAL PATCH Act Now

Apache Camel 2.20.0 to 2.20.3 and 2.21.0 Core is vulnerable to XXE in XSD validation processor. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Apache Camel
NVD
CVSS 3.0
9.8
EPSS
5.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy