|
248061
|
7.5 |
HIGH
Network
|
websockets_project
|
websockets
|
aaugustin websockets version 4 contains a CWE-409: Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in Servers and clients, unless configured with compression=None that …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-1000518
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248062
|
9.8 |
CRITICAL
Network
|
busybox
debian
canonical
|
busybox
debian_linux
ubuntu_linux
|
BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This at…
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-1000517
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248063
|
7.5 |
HIGH
Network
|
news-articles_project
|
news-articles
|
ventrian News-Articles version NewsArticles.00.09.11 contains a XML External Entity (XXE) vulnerability in News-Articles/API/MetaWebLog/Handler.ashx.vb that can result in Attacker can read any file i…
|
CWE-611
XXE
|
CVE-2018-1000515
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248064
|
4.3 |
MEDIUM
Network
|
limesurvey
|
limesurvey
|
LimeSurvey version 3.0.0-beta.3+17110 contains a Cross ite Request Forgery (CSRF) vulnerability in Boxes that can result in CSRF admins to delete boxes. This vulnerability appears to have been fixed …
|
CWE-352
Origin Validation Error
|
CVE-2018-1000514
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248065
|
6.1 |
MEDIUM
Network
|
galaxyproject
|
galaxy
|
The Galaxy Project Galaxy version v14.10 contains a CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability in Many templates used in the Galaxy server did not properly sani…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000516
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248066
|
4.8 |
MEDIUM
Network
|
limesurvey
|
limesurvey
|
LimeSurvey version 3.0.0-beta.3+17110 contains a Cross Site Scripting (XSS) vulnerability in Boxes that can result in JS code execution against LimeSurvey admins. This vulnerability appears to have b…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000513
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248067
|
6.1 |
MEDIUM
Network
|
tooltipy_project
|
tooltipy
|
Tooltipy Tooltipy (tooltips for WP) version 5 contains a Cross Site Scripting (XSS) vulnerability in Glossary shortcode that can result in could allow anybody to do almost anything an admin can. This…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000512
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248068
|
7.5 |
HIGH
Network
|
wpulike
|
ulike
|
WP ULike version 2.8.1, 3.1 contains a Incorrect Access Control vulnerability in AJAX that can result in allows anybody to delete any row in certain tables. This attack appear to be exploitable via A…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-1000511
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248069
|
6.5 |
MEDIUM
Network
|
silkypress
|
image_zoom
|
WP Image Zoom version 1.23 contains a Incorrect Access Control vulnerability in AJAX settings that can result in allows anybody to cause denial of service. This attack appear to be exploitable via Ca…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-1000510
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248070
|
7.2 |
HIGH
Network
|
redirection
|
redirection
|
Redirection version 2.7.1 contains a Serialisation vulnerability possibly allowing ACE vulnerability in Settings page AJAX that can result in could allow admin to execute arbitrary code in some circu…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2018-1000509
|
2024-11-21 12:40 |
2018-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
