Skip to main content
CVE-2018-18420 HIGH POC This Week

Cross-Site Request Forgery (CSRF) vulnerability was discovered in the 8.3 version of Zenario Content Management System via the admin/organizer.ajax.php?path=zenario__content%2Fpanels%2Fcontent URI. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF PHP Zenario
NVD
CVSS 3.0
8.8
EPSS
0.8%
CVE-2018-12669 HIGH POC This Week

SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow remote authenticated users to reset arbitrary accounts via a request to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure H 264 Poe Ip Camera Firmware
NVD
CVSS 3.0
8.8
EPSS
1.4%
CVE-2018-18284 HIGH POC PATCH THREAT This Week

Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Authentication Bypass Ghostscript Debian Linux Ubuntu Linux Gpl Ghostscript +7
NVD
CVSS 3.0
8.6
EPSS
16.3%
CVE-2018-18026 HIGH POC This Week

IMFCameraProtect.sys in IObit Malware Fighter 6.2 (and possibly lower versions) is vulnerable to a stack-based buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption RCE Buffer Overflow Denial Of Service Malware Fighter
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2018-18428 HIGH POC THREAT This Week

TP-Link TL-SC3130 1.6.18P12_121101 devices allow unauthenticated RTSP stream access, as demonstrated by a /jpg/image.jpg URI. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure TP-Link Tl Sc3130 Firmware
NVD Exploit-DB
CVSS 3.0
7.5
EPSS
11.5%
CVE-2018-12673 HIGH POC This Week

An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) web interface can disclose information about the camera including. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure H 264 Poe Ip Camera Firmware
NVD
CVSS 3.0
7.5
EPSS
1.2%
CVE-2018-18392 HIGH This Week

Privilege Escalation via Broken Access Control in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Thingspro
NVD
CVSS 3.0
8.8
EPSS
1.0%
CVE-2018-18391 HIGH This Week

User Privilege Escalation in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Thingspro
NVD
CVSS 3.0
8.8
EPSS
1.0%
CVE-2018-18224 HIGH This Week

A vulnerability exists in the file reading procedure in Open Design Alliance Drawings SDK 2019Update1 on non-Windows platforms in which attackers could perform read operations past the end, or before. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Buffer Overflow Drawings Sdk Outside In Technology
NVD
CVSS 3.0
8.1
EPSS
2.2%
CVE-2018-18223 HIGH This Week

Open Design Alliance Drawings SDK 2019Update1 has a vulnerability during the reading of malformed files, allowing attackers to obtain sensitive information from process memory or cause a crash. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Drawings Sdk Outside In Technology
NVD
CVSS 3.0
8.1
EPSS
2.2%
CVE-2018-18390 HIGH This Week

User Enumeration in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Thingspro
NVD
CVSS 3.0
7.5
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy