Skip to main content
CVE-2018-17108 HIGH POC This Week

The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for Android might allow attackers to perform Account Takeover attacks by intercepting a security-question response during the initial. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Information Disclosure Sbi Buddy
NVD GitHub
CVSS 3.0
8.8
EPSS
1.1%
CVE-2018-17104 HIGH POC PATCH This Week

An issue was discovered in Microweber 1.0.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Microweber
NVD GitHub
CVSS 3.0
8.8
EPSS
0.8%
CVE-2018-17103 HIGH POC This Week

An issue was discovered in GetSimple CMS v3.3.13. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Getsimple Cms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.7%
CVE-2018-17102 HIGH POC This Week

An issue was discovered in QuickAppsCMS (aka QACMS) through 2.0.0-beta2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Quickapps Cms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.7%
CVE-2018-17098 HIGH POC This Week

The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (heap corruption from size inconsistency) or possibly have unspecified. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Buffer Overflow Soundtouch
NVD GitHub
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-17097 HIGH POC This Week

The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (double free) or possibly have unspecified other impact, as demonstrated by. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Soundtouch
NVD GitHub
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-17095 HIGH POC PATCH This Week

An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Audiofile Ubuntu Linux
NVD GitHub
CVSS 3.1
8.8
EPSS
4.7%
CVE-2018-17076 HIGH POC This Week

GPP through 2.25 will try to use more memory space than is available on the stack, leading to a segmentation fault or possibly unspecified other impact via a crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow General Purpose Preprocessor
NVD GitHub
CVSS 3.0
8.8
EPSS
1.5%
CVE-2018-17088 HIGH POC This Week

The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because there is. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Jhead
NVD
CVSS 3.0
7.8
EPSS
1.6%
CVE-2018-16554 HIGH POC This Week

The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Jhead
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2018-17106 HIGH POC This Week

In Tinyftp Tinyftpd 1.1, a buffer overflow exists in the text variable of the do_mkd function in the ftpproto.c file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tinyftp
NVD GitHub
CVSS 3.0
7.5
EPSS
0.9%
CVE-2018-17075 HIGH POC PATCH This Week

The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of <template><object>, <template><applet>, or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Apple Net Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
2.8%
CVE-2018-17073 HIGH POC This Week

wernsey/bitmap before 2018-08-18 allows a NULL pointer dereference via a 4-bit image. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Bitmap
NVD GitHub
CVSS 3.0
7.5
EPSS
1.2%
CVE-2018-17096 MEDIUM POC This Month

The BPMDetect class in BPMDetect.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Soundtouch
NVD GitHub
CVSS 3.0
6.5
EPSS
2.3%
CVE-2018-17086 MEDIUM POC This Month

An issue was discovered in OTCMS 3.61. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Otcms
NVD
CVSS 3.0
6.1
EPSS
0.7%
CVE-2018-17085 MEDIUM POC This Month

An issue was discovered in OTCMS 3.61. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Otcms
NVD
CVSS 3.0
6.1
EPSS
0.7%
CVE-2018-17062 MEDIUM POC This Month

An issue was discovered in SeaCMS 6.64. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Seacms
NVD
CVSS 3.0
6.1
EPSS
0.7%
CVE-2018-17082 MEDIUM POC PATCH This Month

The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS PHP Debian Linux Storage Automation Store
NVD GitHub
CVSS 3.0
6.1
EPSS
4.1%
CVE-2018-17077 MEDIUM POC This Month

An issue was discovered in yiqicms through 2016-11-20. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Yiqicms
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-17074 MEDIUM POC This Month

The Feed Statistics plugin before 4.0 for WordPress has an Open Redirect via the feed-stats-url parameter. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Open Redirect Feed Statistics
NVD
CVSS 3.0
6.1
EPSS
1.2%
CVE-2018-17072 CRITICAL Act Now

JSON++ through 2016-06-15 has a buffer over-read in yyparse() in json.y. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Json
NVD GitHub
CVSS 3.0
9.8
EPSS
1.6%
CVE-2018-17092 MEDIUM POC This Month

An issue was discovered in DonLinkage 6.6.8. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Donlinkage
NVD
CVSS 3.0
5.4
EPSS
0.6%
CVE-2018-17091 MEDIUM POC This Month

An issue was discovered in DonLinkage 6.6.8. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Donlinkage
NVD
CVSS 3.0
5.4
EPSS
0.7%
CVE-2018-17090 MEDIUM POC This Month

An issue was discovered in DonLinkage 6.6.8. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Donlinkage
NVD
CVSS 3.0
5.4
EPSS
0.5%
CVE-2018-17101 HIGH PATCH This Week

An issue was discovered in LibTIFF 4.0.9. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Denial Of Service Buffer Overflow Debian Linux Libtiff +1
NVD
CVSS 3.0
8.8
EPSS
3.2%
CVE-2018-17100 HIGH PATCH This Week

An issue was discovered in LibTIFF 4.0.9. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Debian Linux Libtiff Ubuntu Linux
NVD
CVSS 3.0
8.8
EPSS
2.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy