|
247141
|
6.5 |
MEDIUM
Network
|
vmware redhat oracle
|
spring_framework openshift flexcube_private_banking weblogic_server primavera_gateway application_testing_suite hospitality_guest_access enterprise_manager_ops_center endeca_i…
|
Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory S…
|
NVD-CWE-noinfo
|
CVE-2018-1257
|
2024-11-21 12:59 |
2018-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247142
|
5.5 |
MEDIUM
Local
|
linux debian canonical redhat
|
linux_kernel debian_linux ubuntu_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server virtualization_host
|
Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This ca…
|
-
|
CVE-2018-1118
|
2024-11-21 12:59 |
2018-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247143
|
9.1 |
CRITICAL
Network
|
postgresql opensuse
|
postgresql leap
|
postgresql before versions 10.4, 9.6.9 is vulnerable in the adminpack extension, the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs than pg_rorate_logfile. If the adminpack is a…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-1115
|
2024-11-21 12:59 |
2018-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247144
|
5.5 |
MEDIUM
Local
|
linux debian canonical redhat
|
linux_kernel debian_linux ubuntu_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server
|
Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a numbe…
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-1130
|
2024-11-21 12:59 |
2018-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247145
|
7.8 |
HIGH
Local
|
microsoft
|
.net_framework
|
A security feature bypass vulnerability exists in .Net Framework which could allow an attacker to bypass Device Guard, aka ".NET Framework Device Guard Security Feature Bypass Vulnerability." This af…
|
NVD-CWE-noinfo
|
CVE-2018-1039
|
2024-11-21 12:59 |
2018-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247146
|
4.3 |
MEDIUM
Network
|
microsoft
|
edge internet_explorer
|
An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability." This affects Interne…
|
NVD-CWE-noinfo
|
CVE-2018-1025
|
2024-11-21 12:59 |
2018-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247147
|
7.5 |
HIGH
Network
|
microsoft
|
edge internet_explorer chakracore
|
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Chak…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-1022
|
2024-11-21 12:59 |
2018-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247148
|
4.3 |
MEDIUM
Network
|
microsoft
|
edge
|
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This C…
|
NVD-CWE-noinfo
|
CVE-2018-1021
|
2024-11-21 12:59 |
2018-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247149
|
7.5 |
HIGH
Network
|
fedoraproject redhat debian
|
389_directory_server enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server debian_linux
|
389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated att…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-1089
|
2024-11-21 12:59 |
2018-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247150
|
6.1 |
MEDIUM
Network
|
rsa
|
authentication_manager
|
RSA Authentication Manager Security Console, Operation Console and Self-Service Console, version 8.3 and earlier, is affected by a Host header injection vulnerability. This could allow a remote attac…
|
CWE-601
Open Redirect
|
CVE-2018-1248
|
2024-11-21 12:59 |
2018-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|