|
248041
|
7.8 |
HIGH
Local
|
loboevolution_project
|
loboevolution
|
LoboEvolution version < 9b75694cedfa4825d4a2330abf2719d470c654cd contains a XML External Entity (XXE) vulnerability in XML Parsing when viewing the XML file in the browser that can result in disclosu…
|
CWE-611
XXE
|
CVE-2018-1000540
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248042
|
5.3 |
MEDIUM
Network
|
json-jwt_project
|
json-jwt
|
Nov json-jwt version >= 0.5.0 && < 1.9.4 contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability in Decryption of AES-GCM encrypted JSON Web Tokens that can result in Attac…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2018-1000539
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248043
|
7.5 |
HIGH
Network
|
minio
|
minio
|
Minio Inc. Minio S3 server version prior to RELEASE.2018-05-16T23-35-33Z contains a Allocation of Memory Without Limits or Throttling (similar to CWE-774) vulnerability in write-to-RAM that can resul…
|
CWE-774
Allocation of File Descriptors or Handles Without Limits or Throttling
|
CVE-2018-1000538
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248044
|
9.8 |
CRITICAL
Network
|
marlinfw
|
marlin_firmware
|
Marlin Firmware Marlin version 1.1.x and earlier contains a Buffer Overflow vulnerability in cardreader.cpp (Depending on branch/version) that can result in Arbitrary code execution. This attack appe…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-1000537
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248045
|
6.1 |
MEDIUM
Network
|
getmedis
|
medis
|
Medis version 0.6.1 and earlier contains a XSS vulnerability evolving into code execution due to enabled nodeIntegration for the renderer process vulnerability in Key name parameter on new key creati…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000536
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248046
|
7.5 |
HIGH
Network
|
lms
|
lms
|
lms version <= LMS_011123 contains a Local File Disclosure vulnerability in File reading functionality in LMS module that can result in Possible to read files on the server. This attack appear to be …
|
CWE-200
Information Exposure
|
CVE-2018-1000535
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248047
|
6.1 |
MEDIUM
Network
|
joplin_project
|
joplin
|
Joplin version prior to 1.0.90 contains a XSS evolving into code execution due to enabled nodeIntegration for that particular BrowserWindow instance where XSS was identified from vulnerability in Not…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000534
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248048
|
9.8 |
CRITICAL
Network
|
gitlist
|
gitlist
|
klaussilveira GitList version <= 0.6 contains a Passing incorrectly sanitized input to system function vulnerability in `searchTree` function that can result in Execute any code as PHP user. This att…
|
CWE-20
Improper Input Validation
|
CVE-2018-1000533
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248049
|
4.7 |
MEDIUM
Local
|
beep_project
|
beep
|
beep version 1.3 and up contains a External Control of File Name or Path vulnerability in --device option that can result in Local unprivileged user can inhibit execution of arbitrary programs by oth…
|
CWE-22
Path Traversal
|
CVE-2018-1000532
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248050
|
7.5 |
HIGH
Network
|
inversoft
|
prime-jwt
|
inversoft prime-jwt version prior to commit abb0d479389a2509f939452a6767dc424bb5e6ba contains a CWE-20 vulnerability in JWTDecoder.decode that can result in an incorrect signature validation of a JWT…
|
CWE-20
Improper Input Validation
|
CVE-2018-1000531
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
