Skip to main content
CVE-2018-14058 MEDIUM POC PATCH THREAT This Month

Pimcore before 5.3.0 allows SQL Injection via the REST web service API. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Pimcore
NVD Exploit-DB
CVSS 3.0
6.5
EPSS
28.9%
CVE-2018-15473 MEDIUM POC PATCH THREAT This Month

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed,. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Race Condition Information Disclosure SSH Openssh Debian Linux +20
NVD GitHub Exploit-DB
CVSS 3.1
5.3
EPSS
98.6%
CVE-2018-15470 MEDIUM This Month

An issue was discovered in Xen through 4.11.x. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Xen
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2018-15469 MEDIUM PATCH This Month

An issue was discovered in Xen through 4.11.x. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Xen Debian Linux
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2018-15357 MEDIUM This Month

An authenticated attacker with low privileges can extract password hash information for all users in Eltex ESP-200 firmware version 1.2.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Esp 200 Firmware
NVD
CVSS 3.0
6.5
EPSS
1.1%
CVE-2018-15352 MEDIUM This Month

An attacker with low privileges can cause denial of service in Kraftway 24F2XG Router firmware version 3.5.30.1118. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service 24F2Xg Router Firmware
NVD
CVSS 3.0
6.5
EPSS
1.4%
CVE-2018-15351 MEDIUM This Month

Denial of service via crafting malicious link and sending it to a privileged user can cause Denial of Service in Kraftway 24F2XG Router firmware version 3.5.30.1118. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service 24F2Xg Router Firmware
NVD
CVSS 3.0
6.5
EPSS
2.0%
CVE-2018-15468 MEDIUM This Month

An issue was discovered in Xen through 4.11.x. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Denial Of Service Intel Xen
NVD
CVSS 3.0
6.0
EPSS
0.3%
CVE-2018-15355 MEDIUM This Month

Usage of SSLv2 and SSLv3 leads to transmitted data decryption in Kraftway 24F2XG Router firmware 3.5.30.1118. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure 24F2Xg Router Firmware
NVD
CVSS 3.0
5.9
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy