Skip to main content
CVE-2018-16144 CRITICAL POC THREAT Act Now

The test connection functionality in the NetAudit section of Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to command injection due to improper sanitization of the rancid_password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Opsview
NVD
CVSS 3.0
9.8
EPSS
32.7%
CVE-2018-15681 CRITICAL POC Act Now

An issue was discovered in BTITeam XBTIT 2.5.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Xbtit
NVD
CVSS 3.0
9.8
EPSS
0.8%
CVE-2018-15680 CRITICAL POC Act Now

An issue was discovered in BTITeam XBTIT 2.5.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Xbtit
NVD
CVSS 3.0
9.8
EPSS
0.8%
CVE-2018-16550 CRITICAL Act Now

TeamViewer 10.x through 13.x allows remote attackers to bypass the brute-force authentication protection mechanism by skipping the "Cancel" step, which makes it easier to determine the correct value. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Teamviewer
NVD
CVSS 3.0
9.8
EPSS
3.6%
CVE-2018-14618 CRITICAL Act Now

curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Heap Overflow Buffer Overflow Libcurl Ubuntu Linux Debian Linux +1
NVD
CVSS 3.0
9.8
EPSS
11.1%
CVE-2018-16521 CRITICAL PATCH Act Now

An XML External Entity (XXE) vulnerability exists in HTML Form Entry 3.7.0, as distributed in OpenMRS Reference Application 2.8.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

XXE Html Form Entry Reference Application
NVD GitHub
CVSS 3.0
9.8
EPSS
1.9%
CVE-2018-16518 CRITICAL Act Now

A directory traversal vulnerability with remote code execution in Prim'X Zed!. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Path Traversal Zed Zed Free
NVD GitHub
CVSS 3.0
9.8
EPSS
3.2%
CVE-2018-13259 CRITICAL PATCH Act Now

An issue was discovered in zsh before 5.6. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Ubuntu Linux Zsh
NVD
CVSS 3.0
9.8
EPSS
2.7%
CVE-2018-0502 CRITICAL PATCH Act Now

An issue was discovered in zsh before 5.6. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Ubuntu Linux Zsh
NVD
CVSS 3.0
9.8
EPSS
2.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy