|
246511
|
9.8 |
CRITICAL
Network
|
ntp
|
ntp
|
Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IP…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-12327
|
2024-11-21 12:44 |
2018-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246512
|
8.8 |
HIGH
Network
|
webkit
|
webkitgtk\+
|
WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.2, is vulnerable to a use after free for a WebCore::TextureMapperLayer object.
|
CWE-416
Use After Free
|
CVE-2018-12294
|
2024-11-21 12:44 |
2018-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246513
|
8.8 |
HIGH
Network
|
canonical
webkitgtk
wpewebkit
|
ubuntu_linux
webkitgtk\+
wpe_webkit
|
The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.3 and WPE WebKit prior to versio…
|
CWE-787
CWE-190
Out-of-bounds Write
Integer Overflow or Wraparound
|
CVE-2018-12293
|
2024-11-21 12:44 |
2018-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246514
|
5.5 |
MEDIUM
Local
|
liblnk_project
|
liblnk
|
The liblnk_data_block_read function in liblnk_data_block.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted lnk file…
|
CWE-200
CWE-125
Information Exposure
Out-of-bounds Read
|
CVE-2018-12098
|
2024-11-21 12:44 |
2018-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246515
|
5.5 |
MEDIUM
Local
|
liblnk_project
|
liblnk
|
The liblnk_location_information_read_data function in liblnk_location_information.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure (heap-based buffer over-rea…
|
CWE-200
CWE-125
Information Exposure
Out-of-bounds Read
|
CVE-2018-12097
|
2024-11-21 12:44 |
2018-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246516
|
5.5 |
MEDIUM
Local
|
liblnk_project
|
liblnk
|
The liblnk_data_string_get_utf8_string_size function in liblnk_data_string.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via …
|
CWE-125
Out-of-bounds Read
|
CVE-2018-12096
|
2024-11-21 12:44 |
2018-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246517
|
6.1 |
MEDIUM
Network
|
airbnb
|
knowledge_repo
|
Cross-site scripting (XSS) vulnerability in Airbnb Knowledge Repo 0.7.4 allows remote attackers to inject arbitrary web scripts or HTML via the post comments functionality, as demonstrated by the pos…
|
CWE-79
Cross-site Scripting
|
CVE-2018-12104
|
2024-11-21 12:44 |
2018-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246518
|
5.3 |
MEDIUM
Adjacent
|
eminent-online
|
em4544
|
An issue was discovered on Eminent EM4544 9.10 devices. The device does not require the user's current password to set a new one within the web interface. Therefore, it is possible to exploit this is…
|
CWE-79
Cross-site Scripting
|
CVE-2018-12073
|
2024-11-21 12:44 |
2018-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246519
|
9.8 |
CRITICAL
Network
|
cloudmedia
|
popcorn_a-200_firmware
|
An issue was discovered in Cloud Media Popcorn A-200 03-05-130708-21-POP-411-000 firmware. It is configured to provide TELNET remote access (without a password) that pops a shell as root. If an attac…
|
NVD-CWE-noinfo
|
CVE-2018-12072
|
2024-11-21 12:44 |
2018-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246520
|
9.8 |
CRITICAL
Network
|
codeigniter
|
codeigniter
|
A Session Fixation issue exists in CodeIgniter before 3.1.9 because session.use_strict_mode in the Session Library was mishandled.
|
CWE-384
Session Fixation
|
CVE-2018-12071
|
2024-11-21 12:44 |
2018-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
