|
246451
|
7.5 |
HIGH
Network
|
linktoken_project
|
linktoken
|
The mint function of a smart contract implementation for Link Platform (LNK), an Ethereum ERC20 token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13041
|
2024-11-21 12:46 |
2018-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246452
|
8.8 |
HIGH
Network
|
opendesa
|
opensid
|
OpenSID 18.06-pasca has a CSRF vulnerability. This vulnerability can add an account (at the admin level) via the index.php/man_user/insert URI.
|
CWE-352
Origin Validation Error
|
CVE-2018-13040
|
2024-11-21 12:46 |
2018-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246453
|
6.1 |
MEDIUM
Network
|
opendesa
|
opensid
|
OpenSID 18.06-pasca has reflected Cross Site Scripting (XSS) via the cari parameter, aka an index.php/first?cari= URI.
|
CWE-79
Cross-site Scripting
|
CVE-2018-13039
|
2024-11-21 12:46 |
2018-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246454
|
9.8 |
CRITICAL
Network
|
opendesa
|
opensid
|
OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. This vulnerability leads to uploading arbitrary PHP code via a .php filename with …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2018-13038
|
2024-11-21 12:46 |
2018-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246455
|
7.8 |
HIGH
Local
|
jpeg-compressor_project
|
jpeg_compressor
|
An issue was discovered in jpeg-compressor 0.1. The bmp_load function in stb_image.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibl…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-13037
|
2024-11-21 12:46 |
2018-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246456
|
5.5 |
MEDIUM
Local
|
gnu
redhat
|
binutils
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
openshift_container_platform
|
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) vi…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2018-13033
|
2024-11-21 12:46 |
2018-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246457
|
8.8 |
HIGH
Network
|
ecessa
|
shieldlink_sl175ehq_firmware
|
ECESSA ShieldLink SL175EHQ 10.7.4 devices have CSRF to add superuser accounts via the cgi-bin/pl_web.cgi/util_configlogin_act URI.
|
CWE-352
Origin Validation Error
|
CVE-2018-13032
|
2024-11-21 12:46 |
2018-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246458
|
5.3 |
MEDIUM
Network
|
phpwcms
|
phpwcms
|
phpwcms 1.8.9 allows remote attackers to discover the installation path via an invalid csrf_token_value field.
|
CWE-200
Information Exposure
|
CVE-2018-12990
|
2024-11-21 12:46 |
2018-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246459
|
7.8 |
HIGH
Local
|
jpeg-compressor_project
|
jpeg_compressor
|
An issue was discovered in jpeg-compressor 0.1. The build_huffman function in stb_image.c allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or p…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-13030
|
2024-11-21 12:46 |
2018-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246460
|
9.8 |
CRITICAL
Network
|
gopro
|
gpmf-parser
|
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Type.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-13026
|
2024-11-21 12:46 |
2018-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
