|
247671
|
8.8 |
HIGH
Network
|
pivotal_software
|
operations_manager
|
Pivotal Operations Manager, versions 2.0.x prior to 2.0.24, versions 2.1.x prior to 2.1.15, versions 2.2.x prior to 2.2.7, and versions 2.3.x prior to 2.3.1, grants all users a scope which allows for…
|
CWE-269
Improper Privilege Management
|
CVE-2018-15762
|
2024-11-21 12:51 |
2018-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247672
|
5.4 |
MEDIUM
Network
|
advantech
|
webaccess
|
Advantech WebAccess 8.3.1 and 8.3.2 are vulnerable to cross-site scripting in the Bwmainleft.asp page. An attacker could leverage this vulnerability to disclose credentials amongst other things.
|
CWE-79
Cross-site Scripting
|
CVE-2018-15707
|
2024-11-21 12:51 |
2018-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247673
|
6.5 |
MEDIUM
Network
|
advantech
|
webaccess
|
WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to read any file on the filesystem due to a directory traversal vulnerability in the readFile API.
|
CWE-22
Path Traversal
|
CVE-2018-15706
|
2024-11-21 12:51 |
2018-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247674
|
6.5 |
MEDIUM
Network
|
advantech
|
webaccess
|
WADashboard API in Advantech WebAccess 8.3.1 and 8.3.2 allows remote authenticated attackers to write or overwrite any file on the filesystem due to a directory traversal vulnerability in the writeFi…
|
CWE-22
Path Traversal
|
CVE-2018-15705
|
2024-11-21 12:51 |
2018-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247675
|
8.8 |
HIGH
Adjacent
|
systemd_project
debian
canonical
redhat
|
systemd
debian_linux
ubuntu_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
enterprise_linux_server_tus
enterprise_linux_server_eus
enterpr…
|
A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and includin…
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-15688
|
2024-11-21 12:51 |
2018-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247676
|
7.0 |
HIGH
Local
|
canonical
systemd_project
|
ubuntu_linux
systemd
|
A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.
|
CWE-362
Race Condition
|
CVE-2018-15687
|
2024-11-21 12:51 |
2018-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247677
|
7.8 |
HIGH
Local
|
debian
canonical
systemd_project
oracle
|
debian_linux
ubuntu_linux
systemd
communications_cloud_native_core_network_function_cloud_native_environment
|
A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution an…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2018-15686
|
2024-11-21 12:51 |
2018-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247678
|
9.8 |
CRITICAL
Network
|
saltstack
|
salt
|
SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi).
|
CWE-287
Improper Authentication
|
CVE-2018-15751
|
2024-11-21 12:51 |
2018-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247679
|
5.3 |
MEDIUM
Network
|
saltstack
|
salt
|
Directory Traversal vulnerability in salt-api in SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allows remote attackers to determine which files exist on the server.
|
CWE-22
Path Traversal
|
CVE-2018-15750
|
2024-11-21 12:51 |
2018-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247680
|
8.8 |
HIGH
Network
|
advantech
|
webaccess
|
Advantech WebAccess 8.3.2 and below is vulnerable to a stack buffer overflow vulnerability. A remote authenticated attacker could potentially exploit this vulnerability by sending a crafted HTTP requ…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-15704
|
2024-11-21 12:51 |
2018-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
