|
254521
|
5.9 |
MEDIUM
Network
|
pyopenssl_project canonical redhat
|
pyopenssl ubuntu_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server gluster_storage openstack
|
Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE - 401 : Failure to Release Memory Before Removing Last Reference vulnerability in PKCS #12 Store that can result in Denia…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2018-1000808
|
2024-11-21 12:40 |
2018-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254522
|
8.1 |
HIGH
Network
|
pyopenssl canonical redhat
|
pyopenssl ubuntu_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server openstack
|
Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509 object handling that can result in Use after free can lead to possibl…
|
CWE-416
Use After Free
|
CVE-2018-1000807
|
2024-11-21 12:40 |
2018-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254523
|
8.8 |
HIGH
Network
|
paramiko redhat debian canonical
|
paramiko enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server enterprise_linux_server_aus virtualization_host enterprise_linux_server_eus enterprise_linu…
|
Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. This attack appear to be exploitable via net…
|
CWE-863
Incorrect Authorization
|
CVE-2018-1000805
|
2024-11-21 12:40 |
2018-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254524
|
9.8 |
CRITICAL
Network
|
python debian canonical opensuse
|
python debian_linux ubuntu_linux leap
|
Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_arc…
|
CWE-77
Command Injection
|
CVE-2018-1000802
|
2024-11-21 12:40 |
2018-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254525
|
6.1 |
MEDIUM
Network
|
koha
|
koha
|
KOHA Library System version 16.11.x (up until 16.11.13) and 17.05.x (up until 17.05.05) contains a Cross Site Scripting (XSS) vulnerability in Multiple fields on multiple pages including /cgi-bin/koh…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000670
|
2024-11-21 12:40 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254526
|
8.8 |
HIGH
Network
|
koha
|
koha
|
KOHA Library System version 16.11.x (up until 16.11.13) and 17.05.x (up until 17.05.05) contains a Cross Site Request Forgery (CSRF) vulnerability in /cgi-bin/koha/members/paycollect.pl Parameters af…
|
CWE-352
Origin Validation Error
|
CVE-2018-1000669
|
2024-11-21 12:40 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254527
|
5.5 |
MEDIUM
Local
|
kde debian
|
okular debian_linux
|
okular version 18.08 and earlier contains a Directory Traversal vulnerability in function "unpackDocumentArchive(...)" in "core/document.cpp" that can result in Arbitrary file creation on the user wo…
|
CWE-22
Path Traversal
|
CVE-2018-1000801
|
2024-11-21 12:40 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254528
|
6.1 |
MEDIUM
Network
|
sympa debian
|
sympa debian_linux
|
sympa version 6.2.16 and later contains a CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in The "referer" parameter of the wwsympa.fcgi login action. that can result in Op…
|
CWE-601
Open Redirect
|
CVE-2018-1000671
|
2024-11-21 12:40 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254529
|
9.8 |
CRITICAL
Network
|
zephyrproject
|
zephyr
|
zephyr-rtos version 1.12.0 contains a NULL base pointer reference vulnerability in sys_ring_buf_put(), sys_ring_buf_get() that can result in CPU Page Fault (error code 0x00000010). This attack appear…
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-1000800
|
2024-11-21 12:40 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254530
|
6.5 |
MEDIUM
Network
|
jsish
|
jsish
|
jsish version 2.4.70 2.047 contains a CWE-125: Out-of-bounds Read vulnerability in function jsi_ObjArrayLookup (jsiObj.c:274) that can result in Crash due to segmentation fault. This attack appear to…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-1000668
|
2024-11-21 12:40 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|