Skip to main content
CVE-2018-13140 HIGH POC This Week

Druide Antidote through 9.5.1 on Windows and Linux allows remote code execution through the update mechanism by leveraging use of HTTP to download installation packages. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Microsoft RCE Antidote 9
NVD
CVSS 3.0
8.1
EPSS
6.6%
CVE-2018-16299 HIGH POC THREAT This Week

The Localize My Post plugin 1.0 for WordPress allows Directory Traversal via the ajax/include.php file parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Path Traversal PHP Localize My Post
NVD GitHub Exploit-DB
CVSS 3.0
7.5
EPSS
44.4%
CVE-2018-14318 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Samsung RCE Buffer Overflow Stack Overflow Galaxy S8 Firmware
NVD
CVSS 3.0
8.8
EPSS
2.5%
CVE-2018-11614 HIGH This Week

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Samsung Members Fixed in version 2.4.25. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Samsung Samsung Members
NVD
CVSS 3.0
8.8
EPSS
1.3%
CVE-2018-10496 HIGH This Week

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Internet Browser Fixed in version 6.4.0.15. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Samsung Samsung Internet Browser
NVD
CVSS 3.0
8.8
EPSS
2.5%
CVE-2018-10502 HIGH This Week

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 4.2.18.2. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Samsung Galaxy Apps
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-10497 HIGH This Week

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Samsung Samsung Email
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-6700 HIGH This Week

DLL Search Order Hijacking vulnerability in Microsoft Windows Client in McAfee True Key (TK) before 5.1.165 allows local users to execute arbitrary code via specially crafted malware. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE True Key
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2018-17281 HIGH PATCH This Week

There is a stack consumption vulnerability in the res_http_websocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and Certified Asterisk through 13.21-cert2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Asterisk Certified Asterisk Debian Linux
NVD
CVSS 3.0
7.5
EPSS
53.4%
CVE-2018-12975 HIGH This Week

The random() function of the smart contract implementation for CryptoSaga, an Ethereum game, generates a random value with publicly readable variables such as timestamp, the current block's. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cryptosaga
NVD
CVSS 3.0
7.5
EPSS
1.3%
CVE-2018-10501 HIGH This Week

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Notes Fixed in version 2.0.02.31. Rated high severity (CVSS 7.0). No vendor patch available.

Samsung Path Traversal Notes
NVD
CVSS 3.0
7.0
EPSS
0.3%
CVE-2018-10500 HIGH This Week

This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. Rated high severity (CVSS 7.0). No vendor patch available.

Authentication Bypass Samsung Galaxy Apps
NVD
CVSS 3.0
7.0
EPSS
0.2%
CVE-2018-10499 HIGH This Week

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. Rated high severity (CVSS 7.0). No vendor patch available.

RCE Samsung Galaxy Apps
NVD
CVSS 3.0
7.0
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy