Skip to main content
CVE-2018-14316 MEDIUM PATCH This Month

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.5096. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure Buffer Overflow Foxit Reader Phantompdf
NVD
CVSS 3.0
6.5
EPSS
2.6%
CVE-2018-14289 MEDIUM PATCH This Month

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.5096. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure RCE Buffer Overflow Foxit Reader Phantompdf
NVD
CVSS 3.1
6.5
EPSS
2.5%
CVE-2018-11621 MEDIUM PATCH This Month

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure RCE Buffer Overflow Foxit Reader Phantompdf
NVD
CVSS 3.0
6.5
EPSS
2.6%
CVE-2018-11620 MEDIUM PATCH This Month

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.1049. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Information Disclosure RCE Buffer Overflow Foxit Reader Phantompdf
NVD
CVSS 3.0
6.5
EPSS
2.6%
CVE-2018-12939 MEDIUM PATCH This Month

A directory traversal flaw in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8 allows an authenticated attacker to write to (or potentially delete) arbitrary files via a .. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

RCE Path Traversal PHP Seeddms
NVD
CVSS 3.0
6.5
EPSS
2.0%
CVE-2018-10609 MEDIUM This Month

Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior allow improper sanitization of data over a Websocket which may allow cross-site scripting and client-side code. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS RCE Telem Gwm Firmware Telem Gw6 Firmware
NVD
CVSS 3.0
6.1
EPSS
2.3%
CVE-2018-12944 MEDIUM PATCH This Month

Persistent Cross-Site Scripting (XSS) vulnerability in the "Categories" feature in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8 allows remote attackers to inject arbitrary web script or HTML via. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XSS Seeddms
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2018-12943 MEDIUM This Month

Cross-Site Scripting (XSS) vulnerability in every page that includes the "action" URL parameter in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8 allows remote attackers to inject arbitrary web. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Seeddms
NVD
CVSS 3.0
6.1
EPSS
1.1%
CVE-2018-7992 MEDIUM This Month

Mdapt Driver of Huawei MediaPad M3 BTV-W09C128B353CUSTC128D001; Mate 9 Pro versions earlier than 8.0.0.356(C00); P10 Plus versions earlier than 8.0.0.357(C00) has a buffer overflow vulnerability. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Huawei Buffer Overflow Mediapad M3 Firmware Mate 9 Pro Firmware +2
NVD
CVSS 3.0
5.5
EPSS
0.5%
CVE-2018-7934 MEDIUM This Month

Some Huawei mobile phone with the versions before BLA-L29 8.0.0.145(C432) have a denial of service (DoS) vulnerability because they do not adapt to specific screen gestures. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Huawei Mate 10 Pro Firmware
NVD
CVSS 3.0
5.5
EPSS
0.6%
CVE-2018-1718 MEDIUM This Month

IBM Sterling B2B Integrator Standard Edition 5.2.0.1 - 5.2.6.3 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Sterling B2b Integrator
NVD
CVSS 3.0
5.4
EPSS
1.2%
CVE-2018-14432 MEDIUM PATCH This Month

In the Federation component of OpenStack Keystone before 11.0.4, 12.0.0, and 13.0.0, an authenticated "GET /v3/OS-FEDERATION/projects" request may bypass intended access restrictions on listing. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Debian Linux Openstack Keystone
NVD
CVSS 3.0
5.3
EPSS
1.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy