Skip to main content
CVE-2018-14789 MEDIUM This Month

In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 3.1 or prior and Xcelera Version 4.1 or prior), an unquoted search path or element vulnerability has been identified, which may. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Intellispace Cardiovascular Xcelera
NVD
CVSS 3.1
6.7
EPSS
0.4%
CVE-2018-10919 MEDIUM PATCH This Month

The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Ubuntu Linux Debian Linux Samba
NVD
CVSS 3.0
6.5
EPSS
2.2%
CVE-2018-10918 MEDIUM PATCH This Month

A null pointer dereference flaw was found in the way samba checked database outputs from the LDB database layer. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Null Pointer Dereference Denial Of Service Ubuntu Linux Samba
NVD
CVSS 3.0
6.5
EPSS
2.5%
CVE-2018-1140 MEDIUM PATCH This Month

A missing input sanitization flaw was found in the implementation of LDP database used for the LDAP server. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Samba
NVD
CVSS 3.0
6.5
EPSS
10.8%
CVE-2018-14801 MEDIUM This Month

In Philips PageWriter TC10, TC20, TC30, TC50, TC70 Cardiographs, all versions prior to May 2018, an attacker with both the superuser password and physical access can enter the superuser password that. Rated medium severity (CVSS 6.2), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Pagewriter Tc70 Firmware Pagewriter Tc50 Firmware Pagewriter Tc30 Firmware Pagewriter Tc20 Firmware +1
NVD
CVSS 3.0
6.2
EPSS
0.4%
CVE-2018-5235 MEDIUM This Month

Norton Utilities (prior to 16.0.3.44) may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an. Rated medium severity (CVSS 6.0). No vendor patch available.

Information Disclosure Norton Utilities
NVD
CVSS 3.0
6.0
EPSS
0.4%
CVE-2018-10845 MEDIUM PATCH This Month

It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Gnutls Enterprise Linux Desktop Enterprise Linux Server Enterprise Linux Workstation +3
NVD
CVSS 3.1
5.9
EPSS
3.6%
CVE-2018-10844 MEDIUM PATCH This Month

It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Gnutls Enterprise Linux Desktop Enterprise Linux Server Enterprise Linux Workstation +3
NVD
CVSS 3.1
5.9
EPSS
3.6%
CVE-2018-10846 MEDIUM PATCH This Month

A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. Rated medium severity (CVSS 5.6).

Information Disclosure Gnutls Enterprise Linux Desktop Enterprise Linux Server Enterprise Linux Workstation +3
NVD
CVSS 3.1
5.6
EPSS
0.4%
CVE-2018-1599 MEDIUM PATCH This Month

IBM API Connect 5.0.0.0 through 5.0.8.3 could allow a remote attacker to hijack the clicking action of the victim. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

IBM Information Disclosure Api Connect
NVD
CVSS 3.0
5.4
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy