|
246461
|
5.5 |
MEDIUM
Local
|
trms
|
tightrope_media_carousel_digital_signage
|
A Local File Inclusion (LFI) vulnerability exists in the Web Interface API of TightRope Media Carousel Digital Signage before 7.3.5. The RenderingFetch API allows for the downloading of arbitrary fil…
|
CWE-22
Path Traversal
|
CVE-2018-14573
|
2024-11-21 12:49 |
2018-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246462
|
8.8 |
HIGH
Network
|
niushop
|
b2b2c_multi-business
|
A file upload vulnerability in application/shop/controller/member.php in Niushop B2B2C Multi-business basic version V1.11 allows any remote member to upload a .php file to the web server via a profil…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2018-14570
|
2024-11-21 12:49 |
2018-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246463
|
7.5 |
HIGH
Network
|
suricata-ids
|
suricata
|
Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from a server. This allows detection bypass because Windows TCP clients proceed with normal processing of TCP data that arrives shortl…
|
NVD-CWE-noinfo
|
CVE-2018-14568
|
2024-11-21 12:49 |
2018-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246464
|
9.8 |
CRITICAL
Network
|
thunlp
|
thulac
|
An issue was discovered in libthulac.so in THULAC through 2018-02-25. A heap-based buffer over-read can occur in NGramFeature::find_bases in include/cb_ngram_feature.h.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-14565
|
2024-11-21 12:49 |
2018-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246465
|
9.8 |
CRITICAL
Network
|
thunlp
|
thulac
|
An issue was discovered in libthulac.so in THULAC through 2018-02-25. A SEGV can occur in NGramFeature::find_bases in include/cb_ngram_feature.h.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-14564
|
2024-11-21 12:49 |
2018-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246466
|
9.8 |
CRITICAL
Network
|
thunlp
|
thulac
|
An issue was discovered in libthulac.so in THULAC through 2018-02-25. "operator delete" is used with "operator new[]" in the TaggingLearner class in include/cb_tagging_learner.h, possibly leading to …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-14563
|
2024-11-21 12:49 |
2018-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246467
|
9.8 |
CRITICAL
Network
|
thunlp
|
thulac
|
An issue was discovered in libthulac.so in THULAC through 2018-02-25. A NULL pointer dereference can occur in the BasicModel class in include/cb_model.h.
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-14562
|
2024-11-21 12:49 |
2018-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246468
|
9.8 |
CRITICAL
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption.
|
CWE-787
CWE-908
Out-of-bounds Write
Use of Uninitialized Resource
|
CVE-2018-14551
|
2024-11-21 12:49 |
2018-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246469
|
6.5 |
MEDIUM
Network
|
libwav_project
|
libwav
|
An issue has been found in libwav through 2017-04-20. It is a SEGV in the function wav_write in libwav.c.
|
NVD-CWE-noinfo
|
CVE-2018-14549
|
2024-11-21 12:49 |
2018-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246470
|
5.5 |
MEDIUM
Local
|
axiosys
|
bento4
|
There exists one invalid memory read bug in AP4_SampleDescription::GetType() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 fi…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-14545
|
2024-11-21 12:49 |
2018-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
