Skip to main content
CVE-2018-12759 HIGH This Week

Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds write vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Adobe RCE Buffer Overflow Acrobat Dc +1
NVD
CVSS 3.0
7.8
EPSS
4.0%
CVE-2018-17898 HIGH This Week

Yokogawa STARDOM Controllers FCJ,FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The controller application fails to prevent memory exhaustion by unauthorized requests. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Fcj Firmware Fcn 100 Firmware Fcn Rtu Firmware Fcn 500 Firmware
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2018-8890 HIGH This Week

An information disclosure vulnerability in the Management Console of BlackBerry UEM 12.8.0 and 12.8.1 could allow an attacker to take over a UEM user's session and perform administrative actions in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Unified Endpoint Manager
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2018-12469 HIGH This Week

Incorrect handling of an invalid value for an HTTP request parameter by Directory Server (aka Enterprise Server Administration web UI) in Micro Focus Enterprise Developer and Enterprise Server 2.3. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Enterprise Developer Enterprise Server
NVD
CVSS 3.0
7.5
EPSS
1.1%
CVE-2018-18227 HIGH PATCH This Week

In Wireshark 2.6.0 to 2.6.3 and 2.4.0 to 2.4.9, the MS-WSP protocol dissector could crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
3.1%
CVE-2018-18226 HIGH PATCH This Week

In Wireshark 2.6.0 to 2.6.3, the Steam IHS Discovery dissector could consume system memory. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Wireshark Debian Linux
NVD
CVSS 3.0
7.5
EPSS
3.2%
CVE-2018-18225 HIGH PATCH This Week

In Wireshark 2.6.0 to 2.6.3, the CoAP dissector could crash. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Wireshark Debian Linux Leap
NVD
CVSS 3.1
7.5
EPSS
2.9%
CVE-2018-1844 HIGH PATCH This Week

IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

IBM XXE Filenet Content Manager
NVD
CVSS 3.0
7.1
EPSS
1.9%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy