|
247911
|
7.5 |
HIGH
Network
|
tockos
|
tock
|
TOCK version prior to commit 42f7f36e74088036068d62253e1d8fb26605feed. For example dfde28196cd12071fcf6669f7654be7df482b85d contains a Insecure Permissions vulnerability in Function get_package_name …
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-1000660
|
2024-11-21 12:40 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247912
|
8.8 |
HIGH
Network
|
limesurvey
|
limesurvey
|
LimeSurvey version 3.14.4 and earlier contains a directory traversal in file upload that allows upload of webshell vulnerability in file upload functionality that can result in remote code execution …
|
CWE-22
Path Traversal
|
CVE-2018-1000659
|
2024-11-21 12:40 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247913
|
8.8 |
HIGH
Network
|
limesurvey
|
limesurvey
|
LimeSurvey version prior to 3.14.4 contains a file upload vulnerability in upload functionality that can result in an attacker gaining code execution via webshell. This attack appear to be exploitabl…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2018-1000658
|
2024-11-21 12:40 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247914
|
8.8 |
HIGH
Network
|
wordpress
|
wordpress
|
WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution due to an incomplete fix for CVE-2017-1000600. Th…
|
CWE-20
Improper Input Validation
|
CVE-2018-1000773
|
2024-11-21 12:40 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247915
|
7.8 |
HIGH
Local
|
rust-lang
|
rust
|
Rust Programming Language Rust standard library version Commit bfa0e1f58acf1c28d500c34ed258f09ae021893e and later; stable release 1.3.0 and later contains a Buffer Overflow vulnerability in std::coll…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-1000657
|
2024-11-21 12:40 |
2018-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247916
|
7.5 |
HIGH
Network
|
palletsprojects
netapp
|
flask
ontap_select_deploy_utility
hyper_converged_infrastructure
active_iq
|
The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of servi…
|
CWE-20
Improper Input Validation
|
CVE-2018-1000656
|
2024-11-21 12:40 |
2018-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247917
|
6.5 |
MEDIUM
Network
|
jsish
|
jsish
|
Jsish version 2.4.65 contains a CWE-476: NULL Pointer Dereference vulnerability in Function jsi_ValueCopyMove from jsiValue.c:240 that can result in Crash due to segmentation fault. This attack appea…
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-1000655
|
2024-11-21 12:40 |
2018-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247918
|
5.5 |
MEDIUM
Local
|
gnu
|
libtasn1
|
GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Paser against the POC due to an issue in _asn1_expand_obje…
|
NVD-CWE-noinfo
|
CVE-2018-1000654
|
2024-11-21 12:40 |
2018-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247919
|
9.8 |
CRITICAL
Network
|
zzcms
|
zzcms
|
zzcms version 8.3 and earlier contains a SQL Injection vulnerability in zt/top.php line 5 that can result in could be attacked by sql injection in zzcms in nginx. This attack appear to be exploitable…
|
CWE-89
SQL Injection
|
CVE-2018-1000653
|
2024-11-21 12:40 |
2018-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247920
|
10.0 |
CRITICAL
Network
|
jabref
|
jabref
|
JabRef version <=4.3.1 contains a XML External Entity (XXE) vulnerability in MsBibImporter XML Parser that can result in disclosure of confidential data, denial of service, server side request forger…
|
CWE-611
XXE
|
CVE-2018-1000652
|
2024-11-21 12:40 |
2018-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
