Skip to main content
CVE-2018-16509 HIGH POC THREAT Act Now

An issue was discovered in Artifex Ghostscript before 9.24. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Debian Linux Ghostscript Ubuntu Linux Enterprise Linux Desktop +4
NVD Exploit-DB
CVSS 3.0
7.8
EPSS
92.5%
CVE-2018-16552 HIGH POC This Week

MicroPyramid Django-CRM 0.2 allows CSRF for /users/create/, /users/##/edit/, and /accounts/##/delete/ URIs. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Python Django Crm
NVD GitHub
CVSS 3.1
8.8
EPSS
0.6%
CVE-2018-15682 HIGH POC This Week

An issue was discovered in BTITeam XBTIT. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Xbtit
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2018-16145 HIGH POC This Week

The /etc/init.d/opsview-reporting-module script that runs at boot time in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 invokes a file that can be edited by the nagios user, and would allow. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Opsview
NVD
CVSS 3.0
8.1
EPSS
2.3%
CVE-2018-16545 HIGH POC This Week

Kaizen Asset Manager (Enterprise Edition) and Training Manager (Enterprise Edition) allow a remote attacker to achieve arbitrary code execution via file impersonation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Asset Manager Training Manager
NVD GitHub
CVSS 3.0
7.8
EPSS
1.7%
CVE-2018-16307 HIGH POC This Week

An "Out-of-band resource load" issue was discovered on Xiaomi MIWiFi Xiaomi_55DD Version 2.8.50 devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Xiaomi Miwifi Xiaomi 55Dd Firmware
NVD
CVSS 3.0
7.5
EPSS
2.0%
CVE-2018-16146 HIGH POC This Week

The web management console of Opsview Monitor 5.4.x before 5.4.2 provides functionality accessible by an authenticated administrator to test notifications that are triggered under certain. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Opsview
NVD
CVSS 3.0
7.2
EPSS
6.2%
CVE-2018-16436 HIGH POC This Week

Gxlcms 2.0 before bug fix 20180915 has SQL Injection exploitable by an administrator. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Gxlcms
NVD
CVSS 3.0
7.2
EPSS
1.5%
CVE-2018-14771 HIGH This Week

VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 2 of 2) via eventscript.cgi. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Camera
NVD
CVSS 3.0
8.8
EPSS
3.0%
CVE-2018-14770 HIGH This Week

VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 1 of 2) via the ONVIF interface, (/onvif/device_service). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Camera
NVD
CVSS 3.0
8.8
EPSS
3.0%
CVE-2018-14769 HIGH This Week

VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow CSRF. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Camera
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2018-16543 HIGH This Week

In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ghostscript Ubuntu Linux Debian Linux
NVD
CVSS 3.0
7.8
EPSS
1.3%
CVE-2018-16540 HIGH PATCH This Week

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Denial Of Service Use After Free Ghostscript Openshift Container Platform +9
NVD
CVSS 3.0
7.8
EPSS
1.6%
CVE-2018-16513 HIGH PATCH This Week

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Ghostscript Ubuntu Linux Debian Linux Gpl Ghostscript +1
NVD
CVSS 3.0
7.8
EPSS
1.5%
CVE-2018-16511 HIGH PATCH This Week

An issue was discovered in Artifex Ghostscript before 9.24. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Denial Of Service Debian Linux Ghostscript Ubuntu Linux Enterprise Linux Desktop +5
NVD
CVSS 3.0
7.8
EPSS
1.9%
CVE-2018-16510 HIGH PATCH This Week

An issue was discovered in Artifex Ghostscript before 9.24. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Ghostscript Ubuntu Linux Gpl Ghostscript
NVD
CVSS 3.0
7.8
EPSS
1.7%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy