|
245841
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(),…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2018-18700
|
2024-11-21 12:56 |
2018-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245842
|
8.8 |
HIGH
Network
|
gopro
|
gpmf-parser
|
An issue was discovered in GoPro gpmf-parser 1.2.1. There is an out-of-bounds write in OpenMP4Source in GPMF_mp4reader.c.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-18699
|
2024-11-21 12:56 |
2018-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245843
|
4.8 |
MEDIUM
Network
|
monstra
|
monstra
|
admin/index.php?id=filesmanager in Monstra CMS 3.0.4 allows remote authenticated administrators to trigger stored XSS via JavaScript content in a file whose name lacks an extension. Such a file is in…
|
CWE-79
Cross-site Scripting
|
CVE-2018-18694
|
2024-11-21 12:56 |
2018-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245844
|
5.5 |
MEDIUM
Local
|
linux
canonical
debian
|
linux_kernel
ubuntu_linux
debian_linux
|
In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error conditio…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2018-18690
|
2024-11-21 12:56 |
2018-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245845
|
5.5 |
MEDIUM
Local
|
artifex
|
mupdf
|
There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-18662
|
2024-11-21 12:56 |
2018-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245846
|
6.5 |
MEDIUM
Network
|
libtiff
canonical
|
libtiff
ubuntu_linux
|
An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c.
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-18661
|
2024-11-21 12:56 |
2018-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245847
|
6.1 |
MEDIUM
Network
|
arcserve
|
udp
|
An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. There is a DDI-VRT-2018-21 Reflected Cross-site Scripting via /authenticationendpoint/domain.jsp issue.
|
CWE-79
Cross-site Scripting
|
CVE-2018-18660
|
2024-11-21 12:56 |
2018-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245848
|
7.5 |
HIGH
Network
|
arcserve
|
udp
|
An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. There is a DDI-VRT-2018-19 Unauthenticated XXE in /management/UdpHttpService issue.
|
CWE-611
XXE
|
CVE-2018-18659
|
2024-11-21 12:56 |
2018-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245849
|
7.5 |
HIGH
Network
|
arcserve
|
udp
|
An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. There is a DDI-VRT-2018-20 Unauthenticated Sensitive Information Disclosure via /UDPUpdates/Config/FullUpdateSe…
|
CWE-200
Information Exposure
|
CVE-2018-18658
|
2024-11-21 12:56 |
2018-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245850
|
7.5 |
HIGH
Network
|
arcserve
|
udp
|
An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. There is a DDI-VRT-2018-18 Unauthenticated Sensitive Information Disclosure via /gateway/services/EdgeServiceIm…
|
CWE-200
Information Exposure
|
CVE-2018-18657
|
2024-11-21 12:56 |
2018-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
