Skip to main content
CVE-2018-17888 CRITICAL POC PATCH THREAT Act Now

NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that could allow attackers to obtain the active session ID, which could allow arbitrary remote code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Nuuo Cms
NVD GitHub
CVSS 3.0
9.8
EPSS
29.6%
CVE-2018-18274 HIGH POC This Week

A issue was found in pdfalto 0.2. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Pdfalto
NVD GitHub
CVSS 3.0
7.8
EPSS
1.2%
CVE-2018-1770 MEDIUM POC PATCH This Month

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

IBM Path Traversal Websphere Application Server
NVD
CVSS 3.0
6.5
EPSS
3.5%
CVE-2018-10141 MEDIUM POC This Month

GlobalProtect Portal Login page in Palo Alto Networks PAN-OS before 8.1.4 allows an unauthenticated attacker to inject arbitrary JavaScript or HTML. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Paloalto Pan Os
NVD
CVSS 3.0
6.1
EPSS
3.9%
CVE-2018-16210 MEDIUM POC This Month

WAGO 750-88X and WAGO 750-89X Ethernet Controller devices, versions 01.09.18(13) and before, have XSS in the SNMP configuration via the webserv/cplcfg/snmp.ssi SNMP_DESC or SNMP_LOC_SNMP_CONT field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS 750 362 Firmware 750 363 Firmware 750 823 Firmware 750 832 Firmware +10
NVD Exploit-DB
CVSS 3.1
6.1
EPSS
1.0%
CVE-2018-18271 MEDIUM POC This Month

XSS exists in CMS Made Simple version 2.2.7 via the m1_extra parameter in an admin/moduleinterface.php "Content-->News-->Add Article" action. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Cms Made Simple
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-18270 MEDIUM POC This Month

XSS exists in CMS Made Simple version 2.2.7 via the m1_news_url parameter in an admin/moduleinterface.php "Content-->News-->Add Article" action. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Cms Made Simple
NVD GitHub
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-17900 CRITICAL Act Now

Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The web application improperly protects credentials which could allow an attacker to obtain credentials for. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Fcj Firmware Fcn 100 Firmware Fcn Rtu Firmware Fcn 500 Firmware
NVD
CVSS 3.0
9.8
EPSS
1.9%
CVE-2018-17894 CRITICAL PATCH Act Now

NUUO CMS all versions 3.1 and prior, The application creates default accounts that have hard-coded passwords, which could allow an attacker to gain privileged access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Hard-coded Credentials vulnerability could allow attackers to gain access using credentials embedded in source code.

Authentication Bypass Nuuo Cms
NVD
CVSS 3.0
9.8
EPSS
2.4%
CVE-2018-17890 CRITICAL PATCH Act Now

NUUO CMS all versions 3.1 and prior, The application uses insecure and outdated software components for functionality, which could allow arbitrary code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Nuuo Cms
NVD
CVSS 3.1
9.8
EPSS
3.3%
CVE-2018-15755 HIGH This Week

Cloud Foundry CF Networking Release, versions 2.11.0 prior to 2.16.0, contain an internal api endpoint vulnerable to SQL injection between Diego cells and the policy server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Cf Networking
NVD
CVSS 3.0
8.8
EPSS
1.3%
CVE-2018-17892 HIGH PATCH This Week

NUUO CMS all versions 3.1 and prior, The application implements a method of user account control that causes standard account security features to not be utilized as intended, which could allow user. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.

RCE Nuuo Cms
NVD
CVSS 3.0
8.8
EPSS
2.8%
CVE-2018-17896 HIGH This Week

Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The affected controllers utilize hard-coded credentials which may allow an attacker gain unauthorized access. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass Fcj Firmware Fcn 100 Firmware Fcn Rtu Firmware Fcn 500 Firmware
NVD
CVSS 3.0
8.1
EPSS
1.2%
CVE-2018-15966 HIGH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a security bypass vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Adobe Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
7.8
EPSS
4.2%
CVE-2018-15955 HIGH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
19.0%
CVE-2018-15954 HIGH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
19.0%
CVE-2018-15952 HIGH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
15.5%
CVE-2018-15951 HIGH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a buffer errors vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Buffer Overflow Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
7.8
EPSS
4.5%
CVE-2018-15945 HIGH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
5.6%
CVE-2018-15944 HIGH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
5.5%
CVE-2018-15941 HIGH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
5.5%
CVE-2018-15940 HIGH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
5.6%
CVE-2018-15939 HIGH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
5.5%
CVE-2018-15938 HIGH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
13.5%
CVE-2018-15937 HIGH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an untrusted pointer dereference vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Adobe Denial Of Service RCE Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
28.0%
CVE-2018-15936 HIGH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
13.5%
CVE-2018-15935 HIGH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
13.5%
CVE-2018-15934 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
13.5%
CVE-2018-15933 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
13.5%
CVE-2018-15931 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an untrusted pointer dereference vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Adobe Denial Of Service RCE Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
27.8%
CVE-2018-15930 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an untrusted pointer dereference vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Adobe Denial Of Service RCE Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
27.8%
CVE-2018-15929 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
13.5%
CVE-2018-15928 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
15.9%
CVE-2018-15924 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an use after free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe RCE Use After Free Denial Of Service Memory Corruption +2
NVD
CVSS 3.0
7.8
EPSS
4.8%
CVE-2018-15920 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an use after free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe RCE Use After Free Denial Of Service Memory Corruption +2
NVD
CVSS 3.0
7.8
EPSS
4.8%
CVE-2018-12877 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an use after free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe RCE Use After Free Denial Of Service Memory Corruption +2
NVD
CVSS 3.0
7.8
EPSS
4.8%
CVE-2018-12876 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a type confusion vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe RCE Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
7.8
EPSS
4.8%
CVE-2018-12868 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
4.0%
CVE-2018-12865 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
15.9%
CVE-2018-12864 HIGH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
16.0%
CVE-2018-12863 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an use after free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe RCE Use After Free Denial Of Service Memory Corruption +2
NVD
CVSS 3.0
7.8
EPSS
16.9%
CVE-2018-12862 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
13.5%
CVE-2018-12861 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
15.9%
CVE-2018-12860 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
13.5%
CVE-2018-12858 HIGH PATCH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a type confusion vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Adobe RCE Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
7.8
EPSS
4.8%
CVE-2018-12855 HIGH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a buffer errors vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Buffer Overflow Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
7.8
EPSS
4.9%
CVE-2018-12853 HIGH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a buffer errors vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Buffer Overflow Acrobat Dc Acrobat Reader Dc
NVD
CVSS 3.0
7.8
EPSS
4.9%
CVE-2018-12852 HIGH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an use after free vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Adobe RCE Use After Free Denial Of Service Memory Corruption +2
NVD
CVSS 3.0
7.8
EPSS
4.8%
CVE-2018-12851 HIGH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a heap overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
10.1%
CVE-2018-12847 HIGH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have a heap overflow vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
10.9%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy