| 245871 | 9.8 | CRITICAL Network | pippo | pippo | An issue was discovered in Pippo 1.11.0. The function SerializationSessionDataTranscoder.decode() calls ObjectInputStream.readObject() to deserialize a SessionData object without checking the object … | CWE-502 Deserialization of Untrusted Data | CVE-2018-18628 | 2024-11-21 12:56 | 2018-10-24 |
| 245872 | 7.5 | HIGH Network | phpyun | phpyun | An issue was discovered in PHPYun V4.6. There is a vulnerability that can delete any file or directory via the "admin/index.php?m=database&c=del" sql parameter because del_action() in admin/model/dat… | NVD-CWE-noinfo | CVE-2018-18626 | 2024-11-21 12:56 | 2018-10-24 |
| 245873 | 6.1 | MEDIUM Network | bijiadao | waimai_super_cms | An issue was discovered in Waimai Super Cms 20150505. There is XSS via the index.php?m=public&a=doregister username parameter. | CWE-79 Cross-site Scripting | CVE-2018-18622 | 2024-11-21 12:56 | 2018-10-24 |
| 245874 | 6.1 | MEDIUM Network | dedecms | dedecms | DedeCMS 5.7 SP2 allows XSS via the function named GetPageList defined in the include/datalistcp.class.php file that is used to display the page numbers list at the bottom of some templates, as demons… | CWE-79 Cross-site Scripting | CVE-2018-18608 | 2024-11-21 12:56 | 2018-10-24 |
| 245875 | 5.5 | MEDIUM Local | gnu debian netapp | binutils debian_linux data_ontap | An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_li… | CWE-476 NULL Pointer Dereference | CVE-2018-18607 | 2024-11-21 12:56 | 2018-10-24 |
| 245876 | 5.5 | MEDIUM Local | gnu debian netapp | binutils debian_linux data_ontap | An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in … | CWE-476 NULL Pointer Dereference | CVE-2018-18606 | 2024-11-21 12:56 | 2018-10-24 |
| 245877 | 5.5 | MEDIUM Local | gnu debian netapp | binutils debian_linux data_ontap | A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, beca… | CWE-125 Out-of-bounds Read | CVE-2018-18605 | 2024-11-21 12:56 | 2018-10-24 |
| 245878 | 8.8 | HIGH Network | microfocus | real_user_monitoring | A potential Remote Arbitrary Code Execution vulnerability has been identified in Micro Focus' Real User Monitoring software, versions 9.26IP, 9.30, 9.40 and 9.50. The vulnerability could be exploited… | CWE-502 Deserialization of Untrusted Data | CVE-2018-18589 | 2024-11-21 12:56 | 2018-10-24 |
| 245879 | 6.3 | MEDIUM Local | 360totalsecurity | 360_total_security | 360 Total Security 3.5.0.1033 allows a Sandbox Escape via an "import os" statement, followed by os.system("CMD") or os.system("PowerShell"), within a .py file. NOTE: the vendor's position is that thi… | NVD-CWE-noinfo | CVE-2018-18603 | 2024-11-21 12:56 | 2018-10-24 |
| 245880 | 8.8 | HIGH Network | guardianproject | stegdetect | Stegdetect through 2018-05-26 has an out-of-bounds write in f5_compress in the f5.c file. | CWE-787 Out-of-bounds Write | CVE-2018-18599 | 2024-11-21 12:56 | 2018-10-24 |