Skip to main content
CVE-2018-7804 MEDIUM This Month

A URL Redirection to Untrusted Site vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where a user clicking on a specially crafted link can be. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Modicom M340 Firmware Modicom Premium Firmware Modicom Quantum Firmware Modicom Bmxnor0200H Firmware
NVD
CVSS 3.0
6.1
EPSS
0.9%
CVE-2018-7797 MEDIUM This Month

A URL redirection vulnerability exists in Power Monitoring Expert, Energy Expert (formerly Power Manager) - EcoStruxure Power Monitoring Expert (PME) v8.2 (all editions), EcoStruxure Energy Expert. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Ecostruxure Energy Expert Ecostruxure Power Monitoring Expert Ecostruxure Power Scada Operation
NVD
CVSS 3.0
6.1
EPSS
0.8%
CVE-2018-20123 MEDIUM PATCH This Month

pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Qemu Ubuntu Linux Fedora
NVD
CVSS 3.1
5.5
EPSS
0.5%
CVE-2018-20168 MEDIUM PATCH This Month

Google gVisor before 2018-08-22 reuses a pagetable in a different level with the paging-structure cache intact, which allows attackers to cause a denial of service ("physical address not valid". Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Google Denial Of Service Gvisor
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2018-1891 MEDIUM This Month

IBM Security Guardium 10 and 10.5 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Security Guardium
NVD
CVSS 3.0
5.4
EPSS
1.0%
CVE-2018-1889 MEDIUM This Month

IBM Security Guardium 10.0 and 10.5 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Security Guardium
NVD
CVSS 3.0
5.4
EPSS
1.0%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy