Skip to main content
CVE-2018-13825 MEDIUM PATCH This Month

Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Project Portfolio Management
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-11719 MEDIUM This Month

Xovis PC2, PC2R, and PC3 devices through 3.6.0 allow XXE. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Pc2R Firmware Pc3 Firmware Pc2 Firmware
NVD
CVSS 3.0
4.9
EPSS
0.8%
CVE-2018-15364 MEDIUM This Month

A Named Pipe Request Processing Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro OfficeScan XG (12.0) could allow a local attacker to disclose sensitive information on. Rated medium severity (CVSS 4.7). No vendor patch available.

Trend Micro Information Disclosure Buffer Overflow Officescan Xg
NVD
CVSS 3.0
4.7
EPSS
2.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy