Skip to main content
CVE-2018-10143 CRITICAL POC THREAT Act Now

The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Paloalto Expedition
NVD
CVSS 3.0
9.8
EPSS
24.8%
CVE-2018-13816 CRITICAL Act Now

A vulnerability has been identified in TIM 1531 IRC (All version < V2.0). Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Tim 1531 Irc Firmware
NVD
CVSS 3.0
10.0
EPSS
2.8%
CVE-2018-15719 CRITICAL Act Now

Open Dental before version 18.4 installs a mysql database and uses the default credentials of "root" with a blank password. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Opendental
NVD
CVSS 3.0
9.8
EPSS
1.1%
CVE-2018-11466 CRITICAL Act Now

A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Sinumerik 808D V4 7 Firmware Sinumerik 808D V4 8 Firmware Sinumerik 840D Sl V4 7 Firmware Sinumerik 840D Sl V4 8 Firmware +1
NVD
CVSS 3.0
9.8
EPSS
4.0%
CVE-2018-11462 CRITICAL Act Now

A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Sinumerik 808D V4 7 Firmware Sinumerik 808D V4 8 Firmware Sinumerik 828D V4 7 Firmware Sinumerik 840D Sl V4 7 Firmware +1
NVD
CVSS 3.0
9.8
EPSS
3.7%
CVE-2018-8626 CRITICAL PATCH Act Now

A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly handle requests, aka "Windows DNS Server Heap Overflow Vulnerability." This affects. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Microsoft RCE Buffer Overflow Windows 10 +3
NVD
CVSS 3.0
9.8
EPSS
21.1%
CVE-2018-8540 CRITICAL PATCH Act Now

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Code Injection Microsoft RCE Net Framework
NVD
CVSS 3.0
9.8
EPSS
22.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy