|
246621
|
5.5 |
MEDIUM
Local
|
intel
|
s7200ap_firmware
hns7200ap_firmware
s7200apr_firmware
hns7200apr_firmware
|
Improper password hashing in firmware in Intel Server Board (S7200AP,S7200APR) and Intel Compute Module (HNS7200AP, HNS7200AP) may allow a privileged user to potentially disclose firmware passwords v…
|
NVD-CWE-noinfo
|
CVE-2018-12172
|
2024-11-21 12:44 |
2018-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246622
|
6.5 |
MEDIUM
Network
|
intel
|
raid_web_console
|
Insufficient session validation in the webserver component of the Intel Rapid Web Server 3 may allow an unauthenticated user to potentially disclose information via network access.
|
CWE-200
Information Exposure
|
CVE-2018-12161
|
2024-11-21 12:44 |
2018-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246623
|
6.0 |
MEDIUM
Local
|
intel
|
next_unit_of_computing_firmware
|
Insufficient input validation in BIOS update utility in Intel NUC FW kits downloaded before May 24, 2018 may allow a privileged user to potentially trigger a denial of service or information disclosu…
|
CWE-200
Information Exposure
|
CVE-2018-12158
|
2024-11-21 12:44 |
2018-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246624
|
6.5 |
MEDIUM
Local
|
intel
|
graphics_driver
|
Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unprivi…
|
CWE-20
Improper Input Validation
|
CVE-2018-12153
|
2024-11-21 12:44 |
2018-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246625
|
7.8 |
HIGH
Local
|
intel
|
graphics_driver
|
Pointer corruption in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unauth…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-12152
|
2024-11-21 12:44 |
2018-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246626
|
7.8 |
HIGH
Local
|
intel
|
datacenter_nvme
rapid_storage_technology
client_nvme
|
Permissions in the driver pack installers for Intel NVMe before version 4.0.0.1007 and Intel RSTe before version 4.7.0.2083 may allow an authenticated user to potentially escalate privilege via local…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-12131
|
2024-11-21 12:44 |
2018-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246627
|
7.5 |
HIGH
Network
|
apache
|
tika
|
In Apache Tika 1.19 (CVE-2018-11761), we added an entity expansion limit for XML parsing. However, Tika reuses SAXParsers and calls reset() after each parse, which, for Xerces2 parsers, as per the do…
|
CWE-611
XXE
|
CVE-2018-11796
|
2024-11-21 12:44 |
2018-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246628
|
5.5 |
MEDIUM
Local
|
apache
fedoraproject
oracle
|
pdfbox
fedora
retail_xstore_point_of_service
|
In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11, a carefully crafted PDF file can trigger an extremely long running computation when parsing the page tree.
|
NVD-CWE-noinfo
|
CVE-2018-11797
|
2024-11-21 12:44 |
2018-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246629
|
8.8 |
HIGH
Network
|
apache
|
ranger
|
UnixAuthenticationService in Apache Ranger 1.2.0 was updated to correctly handle user input to avoid Stack-based buffer overflow. Versions prior to 1.2.0 should be upgraded to 1.2.0
|
CWE-787
Out-of-bounds Write
|
CVE-2018-11778
|
2024-11-21 12:44 |
2018-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246630
|
5.3 |
MEDIUM
Physics
|
opcfoundation
|
ua-.netstandard
ua-.net-legacy
|
Failure to validate certificates in OPC Foundation UA Client Applications communicating without security allows attackers with control over a piece of network infrastructure to decrypt passwords.
|
CWE-295
Improper Certificate Validation
|
CVE-2018-12087
|
2024-11-21 12:44 |
2018-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
