|
247391
|
9.8 |
CRITICAL
Network
|
annigroup
|
5_in_1_xvr_firmware
|
download.rsp on ShenZhen Anni "5 in 1 XVR" devices allows remote attackers to download the configuration (without a login) to discover the password.
|
CWE-200
Information Exposure
|
CVE-2018-10770
|
2024-11-21 12:42 |
2018-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247392
|
5.5 |
MEDIUM
Local
|
linux
debian
|
linux_kernel
debian_linux
|
The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-10940
|
2024-11-21 12:42 |
2018-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247393
|
7.8 |
HIGH
Local
|
2345_security_guard_project
|
2345_security_guard
|
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating …
|
CWE-20
Improper Input Validation
|
CVE-2018-10830
|
2024-11-21 12:42 |
2018-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247394
|
7.5 |
HIGH
Network
|
zclassic
|
z-nomp
|
Z-NOMP before 2018-04-05 has an incorrect Equihash solution verifier that allows attackers to spoof mining shares, as demonstrated by providing a solution with {x1=1,x2=1,x3=1,...,x512=1} to bypass t…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2018-10831
|
2024-11-21 12:42 |
2018-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247395
|
7.5 |
HIGH
Network
|
litecart
|
litecart
|
LiteCart before 2.1.2 allows remote attackers to cause a denial of service (memory consumption) via URIs that do not exist, because public_html/logs/not_found.log grows without bound, and is loaded i…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-10827
|
2024-11-21 12:42 |
2018-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247396
|
6.1 |
MEDIUM
Network
|
severalnines
|
clustercontrol
|
Severalnines ClusterControl before 1.6.0-4699 allows XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2018-10817
|
2024-11-21 12:42 |
2018-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247397
|
4.1 |
MEDIUM
Local
|
bitpie
|
bitcoin_wallet
|
The Bitpie application through 3.2.4 for Android and iOS uses cleartext storage for digital currency initial keys, which allows local users to steal currency by leveraging root access to read /com.bi…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2018-10812
|
2024-11-21 12:42 |
2018-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247398
|
7.8 |
HIGH
Local
|
2345_security_guard_project
|
2345_security_guard
|
In 2345 Security Guard 3.7, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input valu…
|
CWE-20
Improper Input Validation
|
CVE-2018-10809
|
2024-11-21 12:42 |
2018-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247399
|
5.4 |
MEDIUM
Network
|
frogcms_project
|
frogcms
|
An issue was discovered in Frog CMS 0.9.5. There is a reflected Cross Site Scripting Vulnerability via the file[current_name] parameter to the admin/?/plugin/file_manager/rename URI. This can be used…
|
CWE-352
CWE-79
Origin Validation Error
Cross-site Scripting
|
CVE-2018-10806
|
2024-11-21 12:42 |
2018-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247400
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2018-10805
|
2024-11-21 12:42 |
2018-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
