Skip to main content
CVE-2018-17796 CRITICAL POC Act Now

An issue was discovered in MRCMS (aka mushroom) through 3.1.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Java Mushroom Content Management System
NVD GitHub
CVSS 3.0
9.8
EPSS
1.5%
CVE-2018-17795 HIGH POC This Week

The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Buffer Overflow Libtiff
NVD GitHub
CVSS 3.0
8.8
EPSS
4.1%
CVE-2018-17785 HIGH POC PATCH This Week

In blynk-server in Blynk before 0.39.7, Directory Traversal exists via a ../ in a URI that has /static or /static/js at the beginning, as demonstrated by reading the /etc/passwd file. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Blynk Server
NVD GitHub
CVSS 3.0
7.5
EPSS
2.1%
CVE-2018-17798 MEDIUM POC This Month

An issue was discovered in zzcms 8.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Zzcms
NVD GitHub
CVSS 3.0
6.5
EPSS
1.2%
CVE-2018-17797 MEDIUM POC This Month

An issue was discovered in zzcms 8.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal PHP Zzcms
NVD GitHub
CVSS 3.0
6.5
EPSS
1.4%
CVE-2018-17794 MEDIUM This Month

An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Binutils
NVD
CVSS 3.0
6.5
EPSS
1.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy