|
245941
|
9.8 |
CRITICAL
Network
|
axentra
|
hipserv
|
/api/2.0/rest/aggregator/xml in Axentra firmware, used by NETGEAR Stora, Seagate GoFlex Home, and MEDION LifeCloud, has an XXE vulnerability that can be chained with an SSRF bug to gain remote comman…
|
CWE-611
XXE
|
CVE-2018-18471
|
2024-11-21 12:55 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245942
|
6.5 |
MEDIUM
Network
|
primeo_project
|
primeo
|
The doAirdrop function of a smart contract implementation for Primeo (PEO), an Ethereum token, does not check the numerical relationship between the amount of the air drop and the token's total suppl…
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2018-18425
|
2024-11-21 12:55 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245943
|
9.9 |
CRITICAL
Network
|
tufin
|
securetrack
|
An issue was discovered in Tufin SecureTrack 18.1 with TufinOS 2.16 build 1179(Final). The Audit Report module is affected by a blind XXE vulnerability when a new Best Practices Report is saved using…
|
CWE-611
XXE
|
CVE-2018-18406
|
2024-11-21 12:55 |
2019-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245944
|
9.8 |
CRITICAL
Network
|
mlmsoftwarez
|
add_clicking_mlm_software
binary_mlm_software
level_mlm_software
singleleg_mlm_software
autopool_mlm_software
investmen_mlm_software
bidding_mlm_software
moneyorder_mlm_software<…
|
SQL injection exists in ADD Clicking MLM Software 1.0, Binary MLM Software 1.0, Level MLM Software 1.0, Singleleg MLM Software 1.0, Autopool MLM Software 1.0, Investment MLM Software 1.0, Bidding MLM…
|
CWE-89
SQL Injection
|
CVE-2018-17843
|
2024-11-21 12:55 |
2019-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245945
|
5.3 |
MEDIUM
Network
|
bitdefender
|
scan_engines
|
An issue was discovered in Bitdefender Engines before 7.76808. A vulnerability has been discovered in the dalvik.xmd parser that results from a lack of proper validation of user-supplied data, which …
|
CWE-125
Out-of-bounds Read
|
CVE-2018-18060
|
2024-11-21 12:55 |
2019-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245946
|
5.3 |
MEDIUM
Network
|
bitdefender
|
scan_engines
|
An issue was discovered in Bitdefender Engines before 7.76675. A vulnerability has been discovered in the rar.xmd parser that results from a lack of proper validation of user-supplied data, which can…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-18059
|
2024-11-21 12:55 |
2019-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245947
|
5.3 |
MEDIUM
Network
|
bitdefender
|
scan_engines
|
An issue was discovered in Bitdefender Engines before 7.76662. A vulnerability has been discovered in the iso.xmd parser that results from a lack of proper validation of user-supplied data, which can…
|
CWE-369
Divide By Zero
|
CVE-2018-18058
|
2024-11-21 12:55 |
2019-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245948
|
4.8 |
MEDIUM
Network
|
profiles_project
|
profiles
|
XSS exists in the ProFiles 1.5 component for Joomla! via the name or path parameter when creating a new folder in the administrative panel.
|
CWE-79
Cross-site Scripting
|
CVE-2018-18276
|
2024-11-21 12:55 |
2019-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245949
|
7.8 |
HIGH
Local
|
symantec
|
endpoint_protection_manager
|
Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur whe…
|
CWE-426
Untrusted Search Path
|
CVE-2018-18367
|
2024-11-21 12:55 |
2019-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
245950
|
6.5 |
MEDIUM
Local
|
symantec
|
endpoint_protection
endpoint_protection_cloud
norton_security
endpoint_protection_cloud_agent
|
Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.70…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2018-18366
|
2024-11-21 12:55 |
2019-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
