Skip to main content
CVE-2018-3920 MEDIUM POC This Month

An exploitable code execution vulnerability exists in the firmware update functionality of the Yi Home Camera 27US 1.8.7.0D. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Yi Home Camera Firmware
NVD
CVSS 3.1
6.8
EPSS
0.6%
CVE-2018-3890 MEDIUM POC This Month

An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Yi Home Camera Firmware
NVD
CVSS 3.1
6.8
EPSS
1.7%
CVE-2018-18897 MEDIUM POC This Month

An issue was discovered in Poppler 0.71.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Poppler Debian Linux Ubuntu Linux Enterprise Linux +6
NVD
CVSS 3.1
6.5
EPSS
2.0%
CVE-2018-3891 MEDIUM POC This Month

An exploitable firmware downgrade vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Yi Home Camera Firmware
NVD
CVSS 3.1
4.6
EPSS
0.4%
CVE-2018-1876 MEDIUM PATCH This Month

IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the password in a Control Room log file after installation. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

IBM Information Disclosure Robotic Process Automation With Automation Anywhere
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2018-1878 MEDIUM PATCH This Month

IBM Robotic Process Automation with Automation Anywhere 11 could disclose sensitive information in a web request that could aid in future attacks against the system. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Robotic Process Automation With Automation Anywhere
NVD
CVSS 3.0
5.3
EPSS
1.3%
CVE-2018-1788 MEDIUM PATCH This Month

IBM Spectrum Protect Server 7.1 and 8.1 could disclose highly sensitive information via trace logs to a local privileged user. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity.

IBM Information Disclosure Spectrum Protect Server
NVD
CVSS 3.0
4.4
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy