|
246661
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on integer overflow while calculating memory can lead to Buffer overflow in W…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-11826
|
2024-11-21 12:44 |
2018-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246662
|
7.0 |
HIGH
Local
|
google
|
android
|
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, LUT configuration is passed down to driver from userspace via ioctl. Simultaneous update fr…
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2018-11818
|
2024-11-21 12:44 |
2018-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246663
|
8.1 |
HIGH
Network
|
apache
|
karaf
|
In Apache Karaf version prior to 3.0.9, 4.0.9, 4.1.1, when the webconsole feature is installed in Karaf, it is available at .../system/console and requires authentication to access it. One part of th…
|
CWE-287
Improper Authentication
|
CVE-2018-11787
|
2024-11-21 12:44 |
2018-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246664
|
8.8 |
HIGH
Network
|
apache
|
karaf
|
In Apache Karaf prior to 4.2.0 release, if the sshd service in Karaf is left on so an administrator can manage the running instance, any user with rights to the Karaf console can pivot and read/write…
|
CWE-269
Improper Privilege Management
|
CVE-2018-11786
|
2024-11-21 12:44 |
2018-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246665
|
7.8 |
HIGH
Local
|
apache
redhat
debian
canonical
|
spamassassin
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
debian_linux
ubuntu_linux
enterprise_linux_server_eus
|
Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax.
|
CWE-94
Code Injection
|
CVE-2018-11781
|
2024-11-21 12:44 |
2018-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246666
|
9.8 |
CRITICAL
Network
|
apache
pdfinfo_project
debian
canonical
|
spamassassin
pdfinfo
debian_linux
ubuntu_linux
|
A potential Remote Code Execution bug exists with the PDFInfo plugin in Apache SpamAssassin before 3.4.2.
|
CWE-94
Code Injection
|
CVE-2018-11780
|
2024-11-21 12:44 |
2018-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246667
|
7.5 |
HIGH
Network
|
opcfoundation
debian
|
unified_architecture-.net-legacy
unified_architecture-java
unified_architecture_ansic
unified_architecture_.net-standard
debian_linux
|
Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-12086
|
2024-11-21 12:44 |
2018-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246668
|
8.2 |
HIGH
Local
|
intel
|
nuc_kit_firmware
compute_card_firmware
compute_stick_firmware
|
Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial o…
|
CWE-20
Improper Input Validation
|
CVE-2018-12176
|
2024-11-21 12:44 |
2018-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246669
|
7.8 |
HIGH
Local
|
intel
|
distribution_for_python
|
Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access.
|
CWE-276
Incorrect Default Permissions
|
CVE-2018-12175
|
2024-11-21 12:44 |
2018-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246670
|
9.8 |
CRITICAL
Network
|
intel
|
bmc_firmware
|
Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of ser…
|
NVD-CWE-noinfo
|
CVE-2018-12171
|
2024-11-21 12:44 |
2018-09-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
