|
246441
|
5.3 |
MEDIUM
Network
|
mediawiki
|
mediawiki
|
Mediawiki 1.31 before 1.31.1 misses .htaccess files in the provided tarball used to protect some directories that shouldn't be web accessible.
|
CWE-200
Information Exposure
|
CVE-2018-13258
|
2024-11-21 12:46 |
2018-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246442
|
8.1 |
HIGH
Network
|
druide
|
antidote_9
|
Druide Antidote through 9.5.1 on Windows and Linux allows remote code execution through the update mechanism by leveraging use of HTTP to download installation packages.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2018-13140
|
2024-11-21 12:46 |
2018-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246443
|
7.5 |
HIGH
Network
|
cryptosaga
|
cryptosaga
|
The random() function of the smart contract implementation for CryptoSaga, an Ethereum game, generates a random value with publicly readable variables such as timestamp, the current block's blockhash…
|
CWE-338
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
|
CVE-2018-12975
|
2024-11-21 12:46 |
2018-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246444
|
5.9 |
MEDIUM
Network
|
wanscam
|
hw0021_firmware
|
There exists a partial Denial of Service vulnerability in Wanscam HW0021 IP Cameras. An attacker could craft a malicious POST request to crash the ONVIF service on such a device.
|
CWE-20
Improper Input Validation
|
CVE-2018-13111
|
2024-11-21 12:46 |
2018-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246445
|
7.8 |
HIGH
Local
|
solarwinds
|
dameware_mini_remote_control
|
SolarWinds DameWare Mini Remote Control before 12.1 has a Buffer Overflow.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-12897
|
2024-11-21 12:46 |
2018-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246446
|
9.8 |
CRITICAL
Network
|
canonical
zsh
|
ubuntu_linux
zsh
|
An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one.
|
CWE-20
Improper Input Validation
|
CVE-2018-13259
|
2024-11-21 12:46 |
2018-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246447
|
8.8 |
HIGH
Network
|
crestron
|
tsw-x60_firmware
mc3_firmware
|
Crestron TSW-X60 all versions prior to 2.001.0037.001 and MC3 all versions prior to 1.502.0047.00, The passwords for special sudo accounts may be calculated using information accessible to those with…
|
NVD-CWE-noinfo
|
CVE-2018-13341
|
2024-11-21 12:46 |
2018-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246448
|
5.9 |
MEDIUM
Network
|
mycryptochamp
|
mycryptochamp
|
The randMod() function of the smart contract implementation for MyCryptoChamp, an Ethereum game, generates a random value with publicly readable variables such as the current block information and a …
|
CWE-338
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
|
CVE-2018-12885
|
2024-11-21 12:46 |
2018-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246449
|
6.1 |
MEDIUM
Network
|
mantisbt
|
mantisbt
|
A cross-site scripting (XSS) vulnerability in the View Filters page (view_filters_page.php) in MantisBT 2.1.0 through 2.15.0 allows remote attackers to inject arbitrary code (if CSP settings permit i…
|
CWE-79
Cross-site Scripting
|
CVE-2018-13055
|
2024-11-21 12:46 |
2018-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246450
|
6.7 |
MEDIUM
Local
|
pearsonvue
|
iqsystem_7
console_8
|
The report-viewing feature in Pearson VUE Certiport Console 8 and IQSystem 7 before 2018-06-26 mishandles child processes and consequently launches Internet Explorer or Microsoft Edge as Administrato…
|
CWE-281
Improper Preservation of Permissions
|
CVE-2018-12989
|
2024-11-21 12:46 |
2018-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
