Skip to main content
CVE-2018-18314 CRITICAL POC PATCH Act Now

Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Perl Ubuntu Linux Debian Linux E Series Santricity Os Controller +4
NVD GitHub
CVSS 3.0
9.8
EPSS
6.1%
CVE-2018-7364 CRITICAL POC THREAT Act Now

All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product European region are impacted by improper access control vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Zte RCE Zxin10
NVD GitHub
CVSS 3.1
9.8
EPSS
10.3%
CVE-2018-18313 CRITICAL POC PATCH Act Now

Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Buffer Overflow Perl Ubuntu Linux Debian Linux +6
NVD GitHub
CVSS 3.0
9.1
EPSS
9.5%
CVE-2018-9578 CRITICAL Act Now

In ixheaacd_adts_crc_start_reg of ixheaacd_adts_crc_check.c, there is a possible out of bounds write due to a missing bounds check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Memory Corruption Buffer Overflow Privilege Escalation Android
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2018-18311 CRITICAL PATCH Act Now

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Buffer Overflow Perl Ubuntu Linux Debian Linux +15
NVD GitHub
CVSS 3.0
9.8
EPSS
11.7%
CVE-2018-11905 CRITICAL PATCH Act Now

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possible buffer overflow in WLAN function due to lack of input validation in values received. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Google Mozilla Linux Buffer Overflow Android
NVD
CVSS 3.0
9.8
EPSS
0.9%
CVE-2018-15362 CRITICAL Act Now

XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Cimplicity
NVD
CVSS 3.0
9.1
EPSS
2.7%
CVE-2018-7066 CRITICAL Act Now

An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Aruba Information Disclosure Clearpass Policy Manager
NVD
CVSS 3.0
9.0
EPSS
3.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy