Skip to main content
CVE-2018-2470 MEDIUM This Month

In SAP NetWeaver Application Server for ABAP, from 7.0 to 7.02, 7.30, 7.31, 7.40 and from 7.50 to 7.53, applications do not sufficiently encode user-controlled inputs, resulting in Cross-Site. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS SAP Netweaver
NVD
CVSS 3.0
6.1
EPSS
1.0%
CVE-2018-18070 MEDIUM This Month

An issue was discovered in Daimler Mercedes-Benz COMAND 17/13.0 50.12 on Mercedes-Benz C-Class 2018 vehicles. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service Comand
NVD VulDB
CVSS 3.1
5.9
EPSS
1.1%
CVE-2018-18190 MEDIUM PATCH This Month

An issue was discovered in GoPro gpmf-parser before 1.2.1. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Gpmf Parser
NVD GitHub
CVSS 3.0
5.5
EPSS
0.9%
CVE-2018-2466 MEDIUM This Month

In Impact and Lineage Analysis in SAP Data Services, version 4.2, the management console does not sufficiently validate user-controlled inputs, which results in Cross-Site Scripting (XSS). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS SAP Data Services
NVD
CVSS 3.0
5.4
EPSS
0.8%
CVE-2018-2467 MEDIUM This Month

In the Software Development Kit in SAP BusinessObjects BI Platform Servers, versions 4.1 and 4.2, using the specially crafted URL in a Web Browser such as Chrome the system returns an error with the. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure SAP Businessobjects Bi Platform
NVD
CVSS 3.0
5.3
EPSS
1.4%
CVE-2018-7928 MEDIUM This Month

There is a security vulnerability which could lead to Factory Reset Protection (FRP) bypass in the MyCloud APP with the versions before 8.1.2.303 installed on some Huawei smart phones. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Huawei My Cloud
NVD
CVSS 3.0
4.6
EPSS
0.3%
CVE-2018-17859 MEDIUM This Month

An issue was discovered in Joomla!. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Joomla
NVD
CVSS 3.0
4.3
EPSS
1.3%
CVE-2018-17857 MEDIUM This Month

An issue was discovered in Joomla!. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Joomla
NVD
CVSS 3.0
4.3
EPSS
1.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy