|
248001
|
7.2 |
HIGH
Network
|
jfrog
|
artifactory
|
JFrog JFrog Artifactory version Prior to version 6.0.3, since version 4.0.0 contains a Directory Traversal vulnerability in The "Import Repository from Zip" feature, available through the Admin menu …
|
CWE-22
Path Traversal
|
CVE-2018-1000623
|
2024-11-21 12:40 |
2018-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248002
|
8.1 |
HIGH
Network
|
mycroft
|
mycroft-core
|
Mycroft AI mycroft-core version 18.2.8b and earlier contains a Incorrect Access Control vulnerability in Websocket configuration that can result in code execution. This impacts ONLY the Mycroft for L…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-1000621
|
2024-11-21 12:40 |
2018-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248003
|
9.8 |
CRITICAL
Network
|
cryptiles_project
|
cryptiles
|
Eran Hammer cryptiles version 4.1.1 earlier contains a CWE-331: Insufficient Entropy vulnerability in randomDigits() method that can result in An attacker is more likely to be able to brute force som…
|
CWE-331
Insufficient Entropy
|
CVE-2018-1000620
|
2024-11-21 12:40 |
2018-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248004
|
8.8 |
HIGH
Network
|
ovidentia
|
ovidentia
|
Ovidentia version 8.4.3 and earlier contains a Unsanitized User Input vulnerability in utilit.php, bab_getAddonFilePathfromTg that can result in Authenticated Remote Code Execution. This attack appea…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2018-1000619
|
2024-11-21 12:40 |
2018-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248005
|
9.8 |
CRITICAL
Network
|
eosio_project
|
eos
|
EOSIO/eos eos version after commit f1545dd0ae2b77580c2236fdb70ae7138d2c7168 contains a stack overflow vulnerability in abi_serializer that can result in attack eos network node. This attack appear to…
|
CWE-674
Uncontrolled Recursion
|
CVE-2018-1000618
|
2024-11-21 12:40 |
2018-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248006
|
7.5 |
HIGH
Network
|
atlassian
|
floodlight_controller
|
Atlassian Floodlight Atlassian Floodlight Controller version 1.2 and earlier versions contains a Denial of Service vulnerability in Forwarding module that can result in Improper type cast in Forwardi…
|
CWE-20
Improper Input Validation
|
CVE-2018-1000617
|
2024-11-21 12:40 |
2018-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248007
|
9.8 |
CRITICAL
Network
|
onosproject
|
onos
|
ONOS ONOS controller version 1.13.1 and earlier contains a XML External Entity (XXE) vulnerability in onos\drivers\utilities\src\main\java\org\onosproject\drivers\utilities\XmlConfigParser.java loadx…
|
CWE-611
XXE
|
CVE-2018-1000616
|
2024-11-21 12:40 |
2018-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248008
|
7.5 |
HIGH
Network
|
onosproject
|
onos
|
ONOS ONOS Controller version 1.13.1 and earlier contains a Denial of Service (Service crash) vulnerability in OVSDB component in ONOS that can result in An adversary can remotely crash OVSDB service …
|
NVD-CWE-noinfo
|
CVE-2018-1000615
|
2024-11-21 12:40 |
2018-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248009
|
9.8 |
CRITICAL
Network
|
onosproject
|
onos
|
ONOS ONOS Controller version 1.13.1 and earlier contains a XML External Entity (XXE) vulnerability in providers/netconf/alarm/src/main/java/org/onosproject/provider/netconf/alarm/NetconfAlarmTranslat…
|
CWE-611
XXE
|
CVE-2018-1000614
|
2024-11-21 12:40 |
2018-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248010
|
6.1 |
MEDIUM
Network
|
openconext
|
openconext_engineblock
|
SURFnet OpenConext EngineBlock version 5.7.0 to 5.7.3 contains a Cross Site Scripting (XSS) vulnerability that can result in Allows an attacker to inject arbitrary web scripts or HTML into help and l…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000611
|
2024-11-21 12:40 |
2018-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
