Skip to main content
CVE-2018-20231 HIGH POC This Week

Cross Site Request Forgery (CSRF) in the two-factor-authentication plugin before 1.3.13 for WordPress allows remote attackers to disable 2FA via the tfa_enable_tfa parameter due to missing nonce. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

CSRF WordPress Two Factor Authentication
NVD
CVSS 3.0
8.8
EPSS
1.4%
CVE-2018-20228 HIGH POC This Week

Subsonic V6.1.5 allows internetRadioSettings.view streamUrl CSRF, with resultant SSRF. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

CSRF SSRF Subsonic
NVD
CVSS 3.0
8.0
EPSS
0.4%
CVE-2018-20230 HIGH POC This Week

An issue was discovered in PSPP 1.2.0. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Denial Of Service Buffer Overflow Pspp
NVD
CVSS 3.0
7.8
EPSS
0.8%
CVE-2018-20227 HIGH POC PATCH This Week

RDF4J 2.4.2 allows Directory Traversal via ../ in an entry in a ZIP archive. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Path Traversal Rdf4J
NVD GitHub
CVSS 3.1
7.5
EPSS
1.8%
CVE-2018-20299 CRITICAL Act Now

An issue was discovered in several Bosch Smart Home cameras (360 degree indoor camera and Eyes outdoor camera) with firmware before 6.52.4. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow 360 Indoor Camera Firmware Eyes Outdoor Camera Firmware
NVD
CVSS 3.1
9.8
EPSS
1.9%
CVE-2018-20020 CRITICAL Act Now

LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Libvncserver Ubuntu Linux +1
NVD
CVSS 3.0
9.8
EPSS
8.6%
CVE-2018-20019 CRITICAL PATCH Act Now

LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f contains multiple heap out-of-bound write vulnerabilities in VNC client code that can result remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption RCE Buffer Overflow Libvncserver Ubuntu Linux +7
NVD
CVSS 3.1
9.8
EPSS
9.4%
CVE-2018-15127 CRITICAL Act Now

LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Buffer Overflow Libvncserver Ubuntu Linux +7
NVD
CVSS 3.0
9.8
EPSS
15.1%
CVE-2018-15126 CRITICAL Act Now

LibVNC before commit 73cb96fec028a576a5a24417b57723b55854ad7b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption RCE Use After Free Libvncserver Ubuntu Linux +1
NVD
CVSS 3.0
9.8
EPSS
11.8%
CVE-2018-19598 MEDIUM POC This Month

Statamic 2.10.3 allows XSS via First Name or Last Name to the /users URI in an 'Add new user' request. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Statamic
NVD GitHub
CVSS 3.0
4.8
EPSS
0.6%
CVE-2018-19597 MEDIUM POC This Month

CMS Made Simple 2.2.8 allows XSS via an uploaded SVG document, a related issue to CVE-2017-16798. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Cms Made Simple
NVD GitHub
CVSS 3.0
4.8
EPSS
0.7%
CVE-2018-19508 MEDIUM POC This Month

CMSimple 4.7.5 has XSS via an admin's upload of an SVG file at a ?userfiles&subdir=userfiles/images/flags/ URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Cmsimple
NVD GitHub
CVSS 3.0
4.8
EPSS
0.6%
CVE-2018-19507 MEDIUM POC This Month

CMSimple 4.7.5 has XSS via an admin's use of a ?file=config&action=array URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Cmsimple
NVD GitHub
CVSS 3.0
4.8
EPSS
0.6%
CVE-2018-19506 MEDIUM POC This Month

Zurmo 3.2.4 has XSS via an admin's use of the name parameter in the reports section, aka the app/index.php/reports/default/details?id=1 URI. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS PHP Zurmo
NVD GitHub
CVSS 3.0
4.8
EPSS
0.6%
CVE-2018-6307 HIGH This Week

LibVNC before commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Memory Corruption RCE Use After Free Libvncserver Ubuntu Linux +1
NVD GitHub
CVSS 3.0
8.1
EPSS
26.5%
CVE-2018-20024 HIGH This Week

LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null pointer dereference in VNC client code that can result DoS. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Libvncserver Ubuntu Linux Debian Linux
NVD
CVSS 3.0
7.5
EPSS
3.3%
CVE-2018-20023 HIGH This Week

LibVNC before 8b06f835e259652b0ff026898014fc7297ade858 contains CWE-665: Improper Initialization vulnerability in VNC Repeater client code that allows attacker to read stack memory and can be abuse. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Libvncserver Debian Linux Ubuntu Linux
NVD
CVSS 3.0
7.5
EPSS
2.5%
CVE-2018-20022 HIGH This Week

LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Libvncserver Debian Linux Ubuntu Linux
NVD
CVSS 3.0
7.5
EPSS
2.9%
CVE-2018-20021 HIGH This Week

LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains a CWE-835: Infinite loop vulnerability in VNC client code. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Libvncserver Ubuntu Linux Debian Linux
NVD
CVSS 3.0
7.5
EPSS
3.5%
CVE-2018-17195 HIGH PATCH This Week

The template upload API endpoint accepted requests from different domain when sent in conjunction with ARP spoofing + man in the middle (MiTM) attack, resulting in a CSRF attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

CSRF Apache Nifi
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2018-17194 HIGH PATCH This Week

When a client request to a cluster node was replicated to other nodes in the cluster for verification, the Content-Length was forwarded. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Nifi
NVD
CVSS 3.0
7.5
EPSS
3.0%
CVE-2018-15801 HIGH PATCH This Week

Spring Security versions 5.1.x prior to 5.1.2 contain an authorization bypass vulnerability during JWT issuer validation. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Java Authentication Bypass Spring Framework
NVD
CVSS 3.1
7.4
EPSS
0.7%
CVE-2018-18999 HIGH This Week

WebAccess/SCADA, WebAccess/SCADA Version 8.3.2 installed on Windows 2008 R2 SP1. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Buffer Overflow Webaccess Scada
NVD
CVSS 3.1
7.3
EPSS
2.3%
CVE-2018-11799 MEDIUM PATCH This Month

Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 5.0.0 to impersonate other users. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Information Disclosure Oozie
NVD
CVSS 3.0
6.5
EPSS
1.5%
CVE-2018-20298 MEDIUM This Month

S3 Browser before 8.1.5 contains an XML external entity (XXE) vulnerability, allowing remote attackers to read arbitrary files and obtain NTLMv2 hash values by tricking a user into connecting to a. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE S3 Browser
NVD
CVSS 3.0
6.5
EPSS
1.4%
CVE-2018-17192 MEDIUM PATCH This Month

The X-Frame-Options headers were applied inconsistently on some HTTP responses, resulting in duplicate or missing security headers. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apache Nifi
NVD
CVSS 3.0
6.5
EPSS
2.7%
CVE-2018-17193 MEDIUM PATCH This Month

The message-page.jsp error page used the value of the HTTP request header X-ProxyContextPath without sanitization, resulting in a reflected XSS attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apache Nifi
NVD
CVSS 3.0
6.1
EPSS
2.8%
CVE-2018-16883 MEDIUM This Month

sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" configuration parameter. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Sssd
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2018-15798 MEDIUM PATCH This Month

Pivotal Concourse Release, versions 4.x prior to 4.2.2, login flow allows redirects to untrusted websites. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Concourse
NVD
CVSS 3.0
5.4
EPSS
1.1%
CVE-2018-19596 MEDIUM This Month

Zurmo 3.2.4 allows HTML Injection via an admin's use of HTML in the report section, a related issue to CVE-2018-19506. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Zurmo
NVD GitHub
CVSS 3.0
4.8
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy