Skip to main content
CVE-2018-12710 HIGH POC THREAT This Week

An issue was discovered on D-Link DIR-601 2.02NA devices. Rated high severity (CVSS 8.0), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure D-Link Dir 601 Firmware
NVD Exploit-DB
CVSS 3.0
8.0
EPSS
76.5%
CVE-2018-15912 HIGH POC PATCH This Week

An issue was discovered in manjaro-update-system.sh in manjaro-system 20180716-1 on Manjaro Linux. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Privilege Escalation RCE Manjaro Linux
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2018-12827 HIGH POC PATCH THREAT This Week

Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Adobe Information Disclosure Buffer Overflow Flash Player Enterprise Linux Desktop +2
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
32.0%
CVE-2018-14768 HIGH This Week

Various VIVOTEK FD8*, FD9*, FE9*, IB8*, IB9*, IP9*, IZ9*, MS9*, SD9*, and other devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Camera
NVD
CVSS 3.0
8.8
EPSS
2.9%
CVE-2018-12799 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20055 and earlier, 2017.011.30096 and earlier, and 2015.006.30434 and earlier have an untrusted pointer dereference vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Adobe Denial Of Service RCE Acrobat Dc +1
NVD
CVSS 3.0
8.8
EPSS
6.7%
CVE-2018-15121 HIGH This Week

An issue was discovered in Auth0 auth0-aspnet and auth0-aspnet-owin. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Aspnet Aspnet Owin
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2018-16132 HIGH This Week

The image rendering component (createGenericPreview) of the Open Whisper Signal app through 2.29.0 for iOS fails to check for unreasonably large images before manipulating received images. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Apple Signal
NVD
CVSS 3.0
8.6
EPSS
1.1%
CVE-2018-5003 HIGH This Week

Adobe Creative Cloud Desktop Application before 4.5.5.342 (installer) has an insecure library loading (dll hijacking) vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Adobe Creative Cloud
NVD
CVSS 3.0
7.8
EPSS
4.9%
CVE-2018-7789 HIGH This Week

An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Schneider Electric Modicon M221 Firmware
NVD VulDB
CVSS 3.1
7.5
EPSS
0.7%
CVE-2018-7792 HIGH This Week

A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Schneider Electric Modicon M221 Firmware
NVD VulDB
CVSS 3.1
7.5
EPSS
0.2%
CVE-2018-8022 HIGH PATCH This Week

A carefully crafted invalid TLS handshake can cause Apache Traffic Server (ATS) to segfault. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache Information Disclosure Traffic Server
NVD GitHub
CVSS 3.0
7.5
EPSS
7.5%
CVE-2018-1318 HIGH This Week

Adding method ACLs in remap.config can cause a segfault when the user makes a carefully crafted request. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Traffic Server Debian Linux
NVD GitHub
CVSS 3.0
7.5
EPSS
7.7%
CVE-2018-12826 HIGH PATCH This Week

Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Adobe Information Disclosure Buffer Overflow Flash Player Enterprise Linux Desktop +2
NVD
CVSS 3.0
7.5
EPSS
7.4%
CVE-2018-15881 HIGH This Week

An issue was discovered in Joomla!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Joomla
NVD
CVSS 3.0
7.5
EPSS
2.2%
CVE-2018-6598 HIGH This Week

An issue was discovered on Orbic Wonder Orbic/RC555L/RC555L:7.1.2/N2G47H/329100b:user/release-keys devices. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Google Information Disclosure Wonder Rc555L Firmware
NVD
CVSS 3.0
7.1
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy