|
247991
|
7.8 |
HIGH
Local
|
triplea-game
|
triplea
|
Triplea version <= 1.9.0.0.10291 contains a XML External Entity (XXE) vulnerability in Importing game data that can result in Possible information disclosure, server-side request forgery, or remote c…
|
CWE-611
XXE
|
CVE-2018-1000546
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247992
|
9.8 |
CRITICAL
Network
|
rubyzip_project
debian
redhat
|
rubyzip
debian_linux
cloudforms
|
rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can result in write arbitrary files to the filesystem. This attack appear to be …
|
CWE-59
CWE-434
Link Following
Unrestricted Upload of File with Dangerous Type
|
CVE-2018-1000544
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247993
|
6.1 |
MEDIUM
Network
|
rockiger
|
akiee
|
Akiee version 0.0.3 contains a XSS leading to code execution due to the use of node integration vulnerability in "Details" of a task is not validated that can result in XSS leading to abritrary code …
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000543
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247994
|
7.8 |
HIGH
Local
|
netbeans-mmd-plugin_project
|
netbeans-mmd-plugin
|
netbeans-mmd-plugin version <= 1.4.3 contains a XML External Entity (XXE) vulnerability in MMD file import that can result in Possible information disclosure, server-side request forgery, or remote c…
|
CWE-611
XXE
|
CVE-2018-1000542
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247995
|
7.8 |
HIGH
Local
|
loboevolution_project
|
loboevolution
|
LoboEvolution version < 9b75694cedfa4825d4a2330abf2719d470c654cd contains a XML External Entity (XXE) vulnerability in XML Parsing when viewing the XML file in the browser that can result in disclosu…
|
CWE-611
XXE
|
CVE-2018-1000540
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247996
|
5.3 |
MEDIUM
Network
|
json-jwt_project
|
json-jwt
|
Nov json-jwt version >= 0.5.0 && < 1.9.4 contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability in Decryption of AES-GCM encrypted JSON Web Tokens that can result in Attac…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2018-1000539
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247997
|
7.5 |
HIGH
Network
|
minio
|
minio
|
Minio Inc. Minio S3 server version prior to RELEASE.2018-05-16T23-35-33Z contains a Allocation of Memory Without Limits or Throttling (similar to CWE-774) vulnerability in write-to-RAM that can resul…
|
CWE-774
Allocation of File Descriptors or Handles Without Limits or Throttling
|
CVE-2018-1000538
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247998
|
9.8 |
CRITICAL
Network
|
marlinfw
|
marlin_firmware
|
Marlin Firmware Marlin version 1.1.x and earlier contains a Buffer Overflow vulnerability in cardreader.cpp (Depending on branch/version) that can result in Arbitrary code execution. This attack appe…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-1000537
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247999
|
6.1 |
MEDIUM
Network
|
getmedis
|
medis
|
Medis version 0.6.1 and earlier contains a XSS vulnerability evolving into code execution due to enabled nodeIntegration for the renderer process vulnerability in Key name parameter on new key creati…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000536
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248000
|
7.5 |
HIGH
Network
|
lms
|
lms
|
lms version <= LMS_011123 contains a Local File Disclosure vulnerability in File reading functionality in LMS module that can result in Possible to read files on the server. This attack appear to be …
|
CWE-200
Information Exposure
|
CVE-2018-1000535
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
