Skip to main content
CVE-2018-1683 HIGH This Week

IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by the failure to encrypt ORB communication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Websphere Application Server
NVD
CVSS 3.0
7.5
EPSS
2.0%
CVE-2018-1545 HIGH This Week

IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Spectrum Protect Client Spectrum Protect For Virtual Environments
NVD
CVSS 3.1
7.5
EPSS
1.0%
CVE-2018-16713 MEDIUM This Month

IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402084) with a buffer containing. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Advanced Systemcare
NVD
CVSS 3.0
6.5
EPSS
1.9%
CVE-2018-8846 MEDIUM This Month

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS E Alert Firmware
NVD
CVSS 3.0
6.1
EPSS
1.3%
CVE-2018-15606 MEDIUM This Month

An XSS issue was discovered in SalesAgility SuiteCRM 7.x before 7.8.21 and 7.10.x before 7.10.8, related to phishing an error message. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Suitecrm
NVD
CVSS 3.0
6.1
EPSS
0.6%
CVE-2018-1550 MEDIUM PATCH This Month

IBM Spectrum Protect 7.1 and 8.1 could allow a local user to corrupt or delete highly sensitive information that would cause a denial of service to other users. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation IBM Denial Of Service Tivoli Storage Manager Tivoli Storage Manager For Space Management +1
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2018-7907 MEDIUM This Month

Some Huawei products Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001, Agassi-W09 AGS-W09C100B257CUSTC100D001,. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Huawei Information Disclosure Agassi L09 Firmware Agassi W09 Firmware Baggio2 U01A Firmware +16
NVD
CVSS 3.0
5.5
EPSS
0.7%
CVE-2018-17556 MEDIUM This Month

MODX Revolution v2.6.5-pl allows stored XSS via a Create New Media Source action. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Modx Revolution
NVD GitHub
CVSS 3.0
5.4
EPSS
0.6%
CVE-2018-1610 MEDIUM This Month

IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Rational Doors Next Generation
NVD
CVSS 3.0
5.4
EPSS
0.7%
CVE-2018-14803 MEDIUM This Month

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure E Alert Firmware
NVD
CVSS 3.0
5.3
EPSS
1.7%
CVE-2018-16969 MEDIUM PATCH This Month

Citrix ShareFile StorageZones Controller before 5.4.2 has Information Exposure Through an Error Message. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Citrix Information Disclosure Sharefile Storagezones Controller
NVD
CVSS 3.0
4.3
EPSS
1.1%
CVE-2018-16968 LOW PATCH Monitor

Citrix ShareFile StorageZones Controller before 5.4.2 allows Directory Traversal. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Citrix Path Traversal Sharefile Storagezones Controller
NVD
CVSS 3.0
3.1
EPSS
1.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy