|
246881
|
7.8 |
HIGH
Local
|
microsoft
|
word
office
office_compatibility_pack
|
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way ob…
|
NVD-CWE-noinfo
|
CVE-2018-0845
|
2024-11-21 12:39 |
2018-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246882
|
3.7 |
LOW
Network
|
powerdns
|
recursor
|
Improper input validation bugs in DNSSEC validators components in PowerDNS version 4.1.0 allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay.
|
CWE-20
Improper Input Validation
|
CVE-2018-1000003
|
2024-11-21 12:39 |
2018-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246883
|
3.7 |
LOW
Network
|
nic
|
knot_resolver
|
Improper input validation bugs in DNSSEC validators components in Knot Resolver (prior version 1.5.2) allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet rep…
|
CWE-20
Improper Input Validation
|
CVE-2018-1000002
|
2024-11-21 12:39 |
2018-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246884
|
5.9 |
MEDIUM
Network
|
linux
|
linux_kernel
|
In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.
|
CWE-362
Race Condition
|
CVE-2018-1000004
|
2024-11-21 12:39 |
2018-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246885
|
6.5 |
MEDIUM
Network
|
microsoft
|
office
|
Microsoft Office 2016 for Mac allows an attacker to send a specially crafted email attachment to a user in an attempt to launch a social engineering attack, such as phishing, due to how Outlook for M…
|
NVD-CWE-noinfo
|
CVE-2018-0819
|
2024-11-21 12:39 |
2018-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246886
|
7.5 |
HIGH
Network
|
microsoft
|
chakracore
|
Microsoft ChakraCore allows an attacker to bypass Control Flow Guard (CFG) in conjunction with another vulnerability to run arbitrary code on a target system, due to how the Chakra scripting engine h…
|
NVD-CWE-noinfo
|
CVE-2018-0818
|
2024-11-21 12:39 |
2018-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246887
|
7.8 |
HIGH
Local
|
microsoft
|
word
office
office_compatibility_pack
|
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way ob…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-0812
|
2024-11-21 12:39 |
2018-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246888
|
9.8 |
CRITICAL
Network
|
qnap
|
qts
|
This command injection vulnerability in File Station allows attackers to execute commands on the affected device. To fix the vulnerability, QNAP recommend updating QTS to their latest versions.
|
CWE-77
Command Injection
|
CVE-2018-0730
|
2024-11-21 12:38 |
2019-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246889
|
9.8 |
CRITICAL
Network
|
qnap
|
music_station
|
This command injection vulnerability in Music Station allows attackers to execute commands on the affected device. To fix the vulnerability, QNAP recommend updating Music Station to their latest vers…
|
CWE-77
Command Injection
|
CVE-2018-0729
|
2024-11-21 12:38 |
2019-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246890
|
7.5 |
HIGH
Network
|
qnap
|
helpdesk
|
This improper access control vulnerability in Helpdesk allows attackers to access the system logs. To fix the vulnerability, QNAP recommend updating QTS and Helpdesk to their latest versions.
|
CWE-269
Improper Privilege Management
|
CVE-2018-0728
|
2024-11-21 12:38 |
2019-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
