Skip to main content
CVE-2018-12470 CRITICAL Act Now

A SQL Injection in the RegistrationSharing module of SUSE Linux SMT allows remote attackers to cause execute arbitrary SQL statements. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi Subscription Management Tool
NVD
CVSS 3.0
9.8
EPSS
2.0%
CVE-2018-5492 CRITICAL Act Now

NetApp E-Series SANtricity OS Controller Software 11.30 and later version 11.30.5 is susceptible to unauthenticated remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE E Series Santricity Os Controller
NVD
CVSS 3.0
9.8
EPSS
2.9%
CVE-2018-17983 CRITICAL PATCH Act Now

cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read during parsing of a malformed manifest entry. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Buffer Overflow Mercurial
NVD
CVSS 3.0
9.1
EPSS
2.0%
CVE-2018-12472 CRITICAL Act Now

A improper authentication using the HOST header in SUSE Linux SMT allows remote attackers to spoof a sibling server. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Subscription Management Tool
NVD
CVSS 3.0
9.1
EPSS
1.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy