|
246631
|
8.1 |
HIGH
Network
|
sensiolabs
debian
fedoraproject
|
symfony
debian_linux
fedora
|
An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. A session fixation vulnerabil…
|
CWE-384
Session Fixation
|
CVE-2018-11385
|
2024-11-21 12:43 |
2018-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246632
|
5.3 |
MEDIUM
Network
|
splunk
|
splunk
|
Splunk through 7.0.1 allows information disclosure by appending __raw/services/server/info/server-info?output_mode=json to a query, as demonstrated by discovering a license key.
|
CWE-200
Information Exposure
|
CVE-2018-11409
|
2024-11-21 12:43 |
2018-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246633
|
6.1 |
MEDIUM
Network
|
sgin
|
xiangyun_platform
|
SGIN.CN xiangyun platform V9.4.10 has XSS via the login_url parameter to /login.php.
|
CWE-79
Cross-site Scripting
|
CVE-2018-11553
|
2024-11-21 12:43 |
2018-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246634
|
9.8 |
CRITICAL
Network
|
searchblox
|
searchblox
|
XML external entity (XXE) vulnerability in api/rest/status in SearchBlox 8.6.7 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a …
|
CWE-611
CWE-918
XXE
Server-Side Request Forgery (SSRF)
|
CVE-2018-11586
|
2024-11-21 12:43 |
2018-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246635
|
9.8 |
CRITICAL
Network
|
mruby
debian
|
mruby
debian_linux
|
The init_copy function in kernel.c in mruby 1.4.1 makes initialize_copy calls for TT_ICLASS objects, which allows attackers to cause a denial of service (mrb_hash_keys uninitialized pointer and appli…
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2018-11743
|
2024-11-21 12:43 |
2018-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246636
|
9.8 |
CRITICAL
Network
|
wuzhicms
|
wuzhicms
|
WUZHI CMS 4.1.0 has a SQL Injection in api/uc.php via the 'code' parameter, because 'UC_KEY' is hard coded.
|
CWE-89
SQL Injection
|
CVE-2018-11722
|
2024-11-21 12:43 |
2018-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246637
|
8.1 |
HIGH
Network
|
sleuthkit
|
the_sleuth_kit
|
An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function tsk_UTF16toUTF8 in tsk/base/tsk…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-11740
|
2024-11-21 12:43 |
2018-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246638
|
8.1 |
HIGH
Network
|
sleuthkit
|
the_sleuth_kit
|
An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function raw_read in tsk/img/raw.c which …
|
CWE-125
Out-of-bounds Read
|
CVE-2018-11739
|
2024-11-21 12:43 |
2018-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246639
|
8.1 |
HIGH
Network
|
sleuthkit
|
the_sleuth_kit
|
An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_make_data_run in tsk/fs/ntfs…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-11738
|
2024-11-21 12:43 |
2018-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246640
|
8.1 |
HIGH
Network
|
sleuthkit
|
the_sleuth_kit
|
An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_fix_idxrec in tsk/fs/ntfs_de…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-11737
|
2024-11-21 12:43 |
2018-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
