|
248161
|
8.8 |
HIGH
Network
|
jfrog
|
artifactory
|
JFrog Artifactory version since 5.11 contains a Cross ite Request Forgery (CSRF) vulnerability in UI rest endpoints that can result in Classic CSRF attack allowing an attacker to perform actions as l…
|
CWE-352
Origin Validation Error
|
CVE-2018-1000206
|
2024-11-21 12:39 |
2018-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248162
|
7.8 |
HIGH
Local
|
yamldotnet_project
|
yamldotnet
|
YamlDotNet version 4.3.2 and earlier contains a Insecure Direct Object Reference vulnerability in The default behavior of Deserializer.Deserialize() will deserialize user-controlled types in the line…
|
CWE-502
CWE-639
Deserialization of Untrusted Data
Authorization Bypass Through User-Controlled Key
|
CVE-2018-1000210
|
2024-11-21 12:39 |
2018-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248163
|
8.8 |
HIGH
Network
|
sensu
|
sensu_core
|
Sensu, Inc. Sensu Core version Before version 1.4.2-3 contains a Insecure Permissions vulnerability in Sensu Core on Windows platforms that can result in Unprivileged users may execute code in contex…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-1000209
|
2024-11-21 12:39 |
2018-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248164
|
6.5 |
MEDIUM
Network
|
microsoft
|
internet_explorer
|
A security feature bypass vulnerability exists when Microsoft Internet Explorer improperly handles requests involving UNC resources, aka "Internet Explorer Security Feature Bypass Vulnerability." Thi…
|
NVD-CWE-noinfo
|
CVE-2018-0949
|
2024-11-21 12:39 |
2018-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248165
|
7.8 |
HIGH
Local
|
jenkins
|
aws_codebuild
|
Jenkins project Jenkins AWS CodeBuild Plugin version 0.26 and earlier contains a Insufficiently Protected Credentials vulnerability in AWSClientFactory.java, CodeBuilder.java that can result in Crede…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2018-1000404
|
2024-11-21 12:39 |
2018-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248166
|
7.8 |
HIGH
Local
|
jenkins
|
aws_codedeploy
|
Jenkins project Jenkins AWS CodeDeploy Plugin version 1.19 and earlier contains a Insufficiently Protected Credentials vulnerability in AWSCodeDeployPublisher.java that can result in Credentials Disc…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2018-1000403
|
2024-11-21 12:39 |
2018-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248167
|
4.3 |
MEDIUM
Network
|
jenkins
|
aws_codedeploy
|
Jenkins project Jenkins AWS CodeDeploy Plugin version 1.19 and earlier contains a File and Directory Information Exposure vulnerability in AWSCodeDeployPublisher.java that can result in Disclosure of…
|
CWE-200
Information Exposure
|
CVE-2018-1000402
|
2024-11-21 12:39 |
2018-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248168
|
7.8 |
HIGH
Local
|
jenkins
|
aws_codepipeline
|
Jenkins project Jenkins AWS CodePipeline Plugin version 0.36 and earlier contains a Insufficiently Protected Credentials vulnerability in AWSCodePipelineSCM.java that can result in Credentials Disclo…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2018-1000401
|
2024-11-21 12:39 |
2018-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248169
|
5.5 |
MEDIUM
Local
|
denx
|
u-boot
|
U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially cra…
|
CWE-20
Improper Input Validation
|
CVE-2018-1000205
|
2024-11-21 12:39 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248170
|
5.3 |
MEDIUM
Network
|
linux
debian
canonical
|
linux_kernel
debian_linux
ubuntu_linux
|
Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages…
|
NVD-CWE-noinfo
|
CVE-2018-1000204
|
2024-11-21 12:39 |
2018-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
