|
254201
|
4.8 |
MEDIUM
Network
|
tagregator_project
|
tagregator
|
The Tagregator plugin 0.6 for WordPress has stored XSS via the title field in an Add New action.
|
CWE-79
Cross-site Scripting
|
CVE-2018-10752
|
2024-11-21 12:41 |
2018-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254202
|
9.8 |
CRITICAL
Network
|
sierrawireless
|
aleos
|
A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware before 4.4.7 and GX450, ES450, RV50, RV50X, MP70, and MP70E routers with firmware before 4.9.3 could al…
|
CWE-1188 CWE-862
Insecure Default Initialization of Resource Missing Authorization
|
CVE-2018-10251
|
2024-11-21 12:41 |
2018-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254203
|
4.8 |
MEDIUM
Network
|
google mozilla lg
|
chrome firefox nexus_5
|
A hardware vulnerability in GPU memory modules allows attackers to accelerate micro-architectural attacks through the use of the JavaScript WebGL API.
|
CWE-200
Information Exposure
|
CVE-2018-10229
|
2024-11-21 12:41 |
2018-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254204
|
8.8 |
HIGH
Network
|
d-link
|
dsl-3782_firmware
|
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'staticGet' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) us…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-10750
|
2024-11-21 12:41 |
2018-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254205
|
8.8 |
HIGH
Network
|
d-link
|
dsl-3782_firmware
|
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'commit' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-10749
|
2024-11-21 12:41 |
2018-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254206
|
8.8 |
HIGH
Network
|
d-link
|
dsl-3782_firmware
|
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'show' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using t…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-10748
|
2024-11-21 12:41 |
2018-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254207
|
8.8 |
HIGH
Network
|
d-link
|
dsl-3782_firmware
|
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as an 'unset' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-10747
|
2024-11-21 12:41 |
2018-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254208
|
8.8 |
HIGH
Network
|
d-link
|
dsl-3782_firmware
|
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'get' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using th…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-10746
|
2024-11-21 12:41 |
2018-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254209
|
9.8 |
CRITICAL
Network
|
axublog
|
axublog
|
Axublog 1.1.0 allows remote Code Execution as demonstrated by injection of PHP code (contained in the webkeywords parameter) into the cmsconfig.php file.
|
CWE-94
Code Injection
|
CVE-2018-10740
|
2024-11-21 12:41 |
2018-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254210
|
5.5 |
MEDIUM
Local
|
2345_security_guard_project
|
2345_security_guard
|
An issue was discovered in Shanghai 2345 Security Guard 3.7.0. 2345MPCSafe.exe allows local users to bypass intended process protections, and consequently terminate process, because WM_SYSCOMMAND is …
|
NVD-CWE-noinfo
|
CVE-2018-10739
|
2024-11-21 12:41 |
2018-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|