Skip to main content
CVE-2018-20409 MEDIUM POC This Month

An issue was discovered in Bento4 1.5.1-627. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Buffer Overflow Bento4
NVD GitHub
CVSS 3.0
6.5
EPSS
1.1%
CVE-2018-20408 MEDIUM POC This Month

An issue was discovered in Bento4 1.5.1-627. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bento4
NVD GitHub
CVSS 3.0
6.5
EPSS
1.2%
CVE-2018-20407 MEDIUM POC This Month

An issue was discovered in Bento4 1.5.1-627. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Bento4
NVD GitHub
CVSS 3.0
6.5
EPSS
1.2%
CVE-2018-20369 MEDIUM POC This Month

Barracuda Message Archiver 2018 has XSS in the error_msg exception-handling value for the ldap_user parameter to the cgi-mod/ldap_load_entry.cgi module. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Barracuda Message Archiver
NVD
CVSS 3.0
6.1
EPSS
0.7%
CVE-2018-20376 MEDIUM POC This Month

An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Tinycc
NVD
CVSS 3.0
5.5
EPSS
0.7%
CVE-2018-20375 MEDIUM POC This Month

An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Tinycc
NVD
CVSS 3.0
5.5
EPSS
0.7%
CVE-2018-20374 MEDIUM POC This Month

An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Buffer Overflow Tinycc
NVD
CVSS 3.0
5.5
EPSS
0.7%
CVE-2018-20373 MEDIUM POC This Month

Tenda ADSL modem routers 1.0.1 allow XSS via the hostname of a DHCP client. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Tenda Adsl Firmware
NVD
CVSS 3.0
5.4
EPSS
0.6%
CVE-2018-20372 MEDIUM POC This Month

TP-Link TD-W8961ND devices allow XSS via the hostname of a DHCP client. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS TP-Link Td W8961Nd Firmware
NVD
CVSS 3.0
5.4
EPSS
0.6%
CVE-2018-20368 MEDIUM POC This Month

The Master Slider plugin 3.2.7 and 3.5.1 for WordPress has XSS via the wp-admin/admin-ajax.php Name input field of the MSPanel.Settings value on Callback. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS PHP Master Slider
NVD
CVSS 3.0
5.4
EPSS
0.7%
CVE-2018-20379 MEDIUM POC This Month

Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-160428a devices allow XSS via a Cross Protocol Injection attack with setSSID of 1.3.6.1.4.1.4413.2.2.2.1.18.1.2.1.1.3.10001. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

XSS Dpc3928Sl Firmware
NVD
CVSS 3.0
4.7
EPSS
0.6%
CVE-2018-20370 MEDIUM PATCH This Month

SZ NetChat before 7.9 has XSS in the MyName input field of the Options module. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Netchat
NVD
CVSS 3.0
5.4
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy