|
247711
|
7.8 |
HIGH
Local
|
yelp
|
osxcollector
|
An issue was discovered in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the …
|
CWE-295
Improper Certificate Validation
|
CVE-2018-10406
|
2024-11-21 12:41 |
2018-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247712
|
7.8 |
HIGH
Local
|
google
|
santa
|
An issue was discovered in Google Santa and molcodesignchecker. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universa…
|
CWE-295
Improper Certificate Validation
|
CVE-2018-10405
|
2024-11-21 12:41 |
2018-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247713
|
7.8 |
HIGH
Local
|
objective-see
|
procinfo
whatsyoursign
taskexplorer
lulu
knockknock
|
An issue was discovered in Objective-See KnockKnock, LuLu, TaskExplorer, WhatsYourSign, and procInfo. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not comp…
|
CWE-295
Improper Certificate Validation
|
CVE-2018-10404
|
2024-11-21 12:41 |
2018-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247714
|
7.8 |
HIGH
Local
|
f-secure
|
xfence
|
An issue was discovered in F-Secure XFENCE and Little Flocker. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal…
|
CWE-295
Improper Certificate Validation
|
CVE-2018-10403
|
2024-11-21 12:41 |
2018-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247715
|
7.5 |
HIGH
Network
|
wpdevart
|
booking_calendar
|
An issue was discovered in the WpDevArt "Booking calendar, Appointment Booking System" plugin 2.2.2 for WordPress. Multiple parameters allow remote attackers to manipulate the values to change data s…
|
CWE-20
Improper Input Validation
|
CVE-2018-10363
|
2024-11-21 12:41 |
2018-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247716
|
8.8 |
HIGH
Network
|
trendmicro
|
officescan
|
A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a attacker to exploit it via a Browser Refresh attack on vulnerable installations. An attacker must be using a AD logon user acco…
|
NVD-CWE-noinfo
|
CVE-2018-10509
|
2024-11-21 12:41 |
2018-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247717
|
8.8 |
HIGH
Network
|
trendmicro
|
officescan
|
A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a attacker to use a specially crafted URL to elevate account permissions on vulnerable installations. An attacker must already ha…
|
NVD-CWE-noinfo
|
CVE-2018-10508
|
2024-11-21 12:41 |
2018-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247718
|
4.4 |
MEDIUM
Local
|
trendmicro
|
officescan
|
A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a attacker to take a series of steps to bypass or render the OfficeScan Unauthorized Change Prevention inoperable on vulnerable i…
|
NVD-CWE-noinfo
|
CVE-2018-10507
|
2024-11-21 12:41 |
2018-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247719
|
5.3 |
MEDIUM
Network
|
objective_development
|
little_snitch
|
Little Snitch versions 4.0 to 4.0.6 use the SecStaticCodeCheckValidityWithErrors() function without the kSecCSCheckAllArchitectures flag and therefore do not validate all architectures stored in a fa…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2018-10470
|
2024-11-21 12:41 |
2018-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247720
|
6.5 |
MEDIUM
Network
|
file_project
canonical
opensuse
|
file
ubuntu_linux
leap
|
The do_core_note function in readelf.c in libmagic.a in file 5.33 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted ELF file.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-10360
|
2024-11-21 12:41 |
2018-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
