Skip to main content
CVE-2018-17439 MEDIUM POC This Month

An issue was discovered in the HDF HDF5 1.10.3 library. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Hdf5
NVD GitHub
CVSS 3.0
6.5
EPSS
1.3%
CVE-2018-17438 MEDIUM POC This Month

A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Hdf5
NVD GitHub
CVSS 3.0
6.5
EPSS
1.7%
CVE-2018-17437 MEDIUM POC This Month

Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Hdf5
NVD GitHub
CVSS 3.0
6.5
EPSS
1.5%
CVE-2018-17436 MEDIUM POC This Month

ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Buffer Overflow Hdf5
NVD GitHub
CVSS 3.0
6.5
EPSS
1.3%
CVE-2018-17435 MEDIUM POC This Month

A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Denial Of Service Buffer Overflow Hdf5
NVD GitHub
CVSS 3.0
6.5
EPSS
1.3%
CVE-2018-17434 MEDIUM POC This Month

A SIGFPE signal is raised in the function apply_filters() of h5repack_filters.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Hdf5
NVD GitHub
CVSS 3.0
6.5
EPSS
2.0%
CVE-2018-17433 MEDIUM POC This Month

A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Buffer Overflow Hdf5
NVD GitHub
CVSS 3.0
6.5
EPSS
1.3%
CVE-2018-17432 MEDIUM POC This Month

A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Null Pointer Dereference Denial Of Service Hdf5
NVD GitHub
CVSS 3.0
6.5
EPSS
1.3%
CVE-2018-6682 MEDIUM This Month

Cross Site Scripting Exposure in McAfee True Key (TK) 4.0.0.0 and earlier allows local users to expose confidential data via a crafted web site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS True Key
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2018-14825 MEDIUM This Month

On Honeywell Mobile Computers (CT60 running Android OS 7.1, CN80 running Android OS 7.1, CT40 running Android OS 7.1, CK75 running Android OS 6.0, CN75 running Android OS 6.0, CN75e running Android. Rated medium severity (CVSS 5.8), this vulnerability is no authentication required. No vendor patch available.

Google Privilege Escalation Honeywell Cn80 Ct40 +12
NVD
CVSS 3.0
5.8
EPSS
0.8%
CVE-2018-10498 MEDIUM This Month

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

RCE Samsung Samsung Email
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2018-15615 MEDIUM This Month

A vulnerability in the Supervisor component of Avaya Call Management System allows local administrative user to extract sensitive information from users connecting to a remote CMS host. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Call Management System Supervisor
NVD
CVSS 3.0
4.4
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy