|
247581
|
5.3 |
MEDIUM
Network
|
synacor
|
zimbra_collaboration_suite
|
mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 before 8.6.0.Patch10 allows Information Exposure through Verbose Error Messages containing a stack dump, tra…
|
CWE-200
Information Exposure
|
CVE-2018-10950
|
2024-11-21 12:42 |
2018-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247582
|
5.3 |
MEDIUM
Network
|
synacor
|
zimbra_collaboration_suite
|
mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 allows Account Enumeration by leveraging a Discrepancy between the "HTTP 404 - account is not active" and "H…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2018-10949
|
2024-11-21 12:42 |
2018-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247583
|
5.5 |
MEDIUM
Local
|
alps
|
pointing-device_driver
|
An issue was discovered in Alps Pointing-device Driver 10.1.101.207. ApMsgFwd.exe allows the current user to map and write to the "ApMsgFwd File Mapping Object" section. ApMsgFwd.exe uses the data wr…
|
CWE-20
Improper Input Validation
|
CVE-2018-10828
|
2024-11-21 12:42 |
2018-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247584
|
9.8 |
CRITICAL
Network
|
annigroup
|
5_in_1_xvr_firmware
|
download.rsp on ShenZhen Anni "5 in 1 XVR" devices allows remote attackers to download the configuration (without a login) to discover the password.
|
CWE-200
Information Exposure
|
CVE-2018-10770
|
2024-11-21 12:42 |
2018-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247585
|
5.5 |
MEDIUM
Local
|
linux
debian
|
linux_kernel
debian_linux
|
The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-10940
|
2024-11-21 12:42 |
2018-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247586
|
7.8 |
HIGH
Local
|
2345_security_guard_project
|
2345_security_guard
|
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating …
|
CWE-20
Improper Input Validation
|
CVE-2018-10830
|
2024-11-21 12:42 |
2018-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247587
|
7.5 |
HIGH
Network
|
zclassic
|
z-nomp
|
Z-NOMP before 2018-04-05 has an incorrect Equihash solution verifier that allows attackers to spoof mining shares, as demonstrated by providing a solution with {x1=1,x2=1,x3=1,...,x512=1} to bypass t…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2018-10831
|
2024-11-21 12:42 |
2018-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247588
|
7.5 |
HIGH
Network
|
litecart
|
litecart
|
LiteCart before 2.1.2 allows remote attackers to cause a denial of service (memory consumption) via URIs that do not exist, because public_html/logs/not_found.log grows without bound, and is loaded i…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-10827
|
2024-11-21 12:42 |
2018-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247589
|
6.1 |
MEDIUM
Network
|
severalnines
|
clustercontrol
|
Severalnines ClusterControl before 1.6.0-4699 allows XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2018-10817
|
2024-11-21 12:42 |
2018-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247590
|
4.1 |
MEDIUM
Local
|
bitpie
|
bitcoin_wallet
|
The Bitpie application through 3.2.4 for Android and iOS uses cleartext storage for digital currency initial keys, which allows local users to steal currency by leveraging root access to read /com.bi…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2018-10812
|
2024-11-21 12:42 |
2018-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
