|
248151
|
9.8 |
CRITICAL
Network
|
pkgconf
|
pkgconf
|
pkgconf version 1.5.0 to 1.5.2 contains a Buffer Overflow vulnerability in dequote() that can result in dequote() function returns 1-byte allocation if initial length is 0, leading to buffer overflow…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-1000221
|
2024-11-21 12:39 |
2018-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248152
|
5.4 |
MEDIUM
Network
|
open-emr
|
openemr
|
OpenEMR version v5_0_1_4 contains a Cross Site Scripting (XSS) vulnerability in The 'scan' parameter in line #41 of interface/fax/fax_view.php that can result in The vulnerability could allow remote …
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000219
|
2024-11-21 12:39 |
2018-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248153
|
5.4 |
MEDIUM
Network
|
open-emr
|
openemr
|
OpenEMR version v5_0_1_4 contains a Cross Site Scripting (XSS) vulnerability in The 'file' parameter in line #43 of interface/fax/fax_view.php that can result in The vulnerability could allow remote …
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000218
|
2024-11-21 12:39 |
2018-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248154
|
9.8 |
CRITICAL
Network
|
cjson_project
|
cjson
|
Dave Gamble cJSON version 1.7.3 and earlier contains a CWE-416: Use After Free vulnerability in cJSON library that can result in Possible crash, corruption of data or even RCE. This attack appear to …
|
CWE-416
Use After Free
|
CVE-2018-1000217
|
2024-11-21 12:39 |
2018-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248155
|
8.8 |
HIGH
Network
|
cjson_project
|
cjson
|
Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double Free vulnerability in cJSON library that can result in Possible crash or RCE. This attack appear to be exploitable via Attacker …
|
CWE-415
Double Free
|
CVE-2018-1000216
|
2024-11-21 12:39 |
2018-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248156
|
7.5 |
HIGH
Network
|
cjson_project
|
cjson
|
Dave Gamble cJSON version 1.7.6 and earlier contains a CWE-772 vulnerability in cJSON library that can result in Denial of Service (DoS). This attack appear to be exploitable via If the attacker can …
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2018-1000215
|
2024-11-21 12:39 |
2018-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248157
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10
windows_server_2016
visual_studio_2017
visual_studio_2015
|
An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations, aka "Diagnostic Hub Standard Collector Elevation Of Privilege Vulne…
|
NVD-CWE-noinfo
|
CVE-2018-0952
|
2024-11-21 12:39 |
2018-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248158
|
7.5 |
HIGH
Network
|
doorkeeper_project
|
doorkeeper
|
Doorkeeper version 4.2.0 and later contains a Incorrect Access Control vulnerability in Token revocation API's authorized method that can result in Access tokens are not revoked for public OAuth apps…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-1000211
|
2024-11-21 12:39 |
2018-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248159
|
7.5 |
HIGH
Network
|
modx
|
modx_revolution
|
MODX Revolution version <=2.6.4 contains a Directory Traversal vulnerability in /core/model/modx/modmanagerrequest.class.php that can result in remove files. This attack appear to be exploitable via …
|
CWE-22
Path Traversal
|
CVE-2018-1000208
|
2024-11-21 12:39 |
2018-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248160
|
7.2 |
HIGH
Network
|
modx
|
modx_revolution
|
MODX Revolution version <=2.6.4 contains a Incorrect Access Control vulnerability in Filtering user parameters before passing them into phpthumb class that can result in Creating file with custom a f…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-1000207
|
2024-11-21 12:39 |
2018-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
