Skip to main content
CVE-2018-17108 HIGH POC This Week

The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for Android might allow attackers to perform Account Takeover attacks by intercepting a security-question response during the initial. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Google Information Disclosure Sbi Buddy
NVD GitHub
CVSS 3.0
8.8
EPSS
1.1%
CVE-2018-17104 HIGH POC PATCH This Week

An issue was discovered in Microweber 1.0.7. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

CSRF Microweber
NVD GitHub
CVSS 3.0
8.8
EPSS
0.8%
CVE-2018-17103 HIGH POC This Week

An issue was discovered in GetSimple CMS v3.3.13. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Getsimple Cms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.7%
CVE-2018-17102 HIGH POC This Week

An issue was discovered in QuickAppsCMS (aka QACMS) through 2.0.0-beta2. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF Quickapps Cms
NVD GitHub
CVSS 3.0
8.8
EPSS
0.7%
CVE-2018-17098 HIGH POC This Week

The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (heap corruption from size inconsistency) or possibly have unspecified. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Buffer Overflow Soundtouch
NVD GitHub
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-17097 HIGH POC This Week

The WavFileBase class in WavFile.cpp in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (double free) or possibly have unspecified other impact, as demonstrated by. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Soundtouch
NVD GitHub
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-17095 HIGH POC PATCH This Week

An issue has been discovered in mpruett Audio File Library (aka audiofile) 0.3.6, 0.3.5, 0.3.4, 0.3.3, 0.3.2, 0.3.1, 0.3.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Buffer Overflow Audiofile Ubuntu Linux
NVD GitHub
CVSS 3.1
8.8
EPSS
4.7%
CVE-2018-17076 HIGH POC This Week

GPP through 2.25 will try to use more memory space than is available on the stack, leading to a segmentation fault or possibly unspecified other impact via a crafted file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow General Purpose Preprocessor
NVD GitHub
CVSS 3.0
8.8
EPSS
1.5%
CVE-2018-17088 HIGH POC This Week

The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because there is. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Integer Overflow Buffer Overflow Jhead
NVD
CVSS 3.0
7.8
EPSS
1.6%
CVE-2018-16554 HIGH POC This Week

The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Jhead
NVD
CVSS 3.0
7.8
EPSS
1.8%
CVE-2018-17106 HIGH POC This Week

In Tinyftp Tinyftpd 1.1, a buffer overflow exists in the text variable of the do_mkd function in the ftpproto.c file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Tinyftp
NVD GitHub
CVSS 3.0
7.5
EPSS
0.9%
CVE-2018-17075 HIGH POC PATCH This Week

The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of <template><object>, <template><applet>, or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Null Pointer Dereference Denial Of Service Apple Net Fedora
NVD GitHub
CVSS 3.1
7.5
EPSS
2.8%
CVE-2018-17073 HIGH POC This Week

wernsey/bitmap before 2018-08-18 allows a NULL pointer dereference via a 4-bit image. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Bitmap
NVD GitHub
CVSS 3.0
7.5
EPSS
1.2%
CVE-2018-17101 HIGH PATCH This Week

An issue was discovered in LibTIFF 4.0.9. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Denial Of Service Buffer Overflow Debian Linux Libtiff +1
NVD
CVSS 3.0
8.8
EPSS
3.2%
CVE-2018-17100 HIGH PATCH This Week

An issue was discovered in LibTIFF 4.0.9. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Debian Linux Libtiff Ubuntu Linux
NVD
CVSS 3.0
8.8
EPSS
2.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy