|
247251
|
7.5 |
HIGH
Network
|
doorkeeper_project
|
doorkeeper
|
Doorkeeper version 4.2.0 and later contains a Incorrect Access Control vulnerability in Token revocation API's authorized method that can result in Access tokens are not revoked for public OAuth apps…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-1000211
|
2024-11-21 12:39 |
2018-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247252
|
7.5 |
HIGH
Network
|
modx
|
modx_revolution
|
MODX Revolution version <=2.6.4 contains a Directory Traversal vulnerability in /core/model/modx/modmanagerrequest.class.php that can result in remove files. This attack appear to be exploitable via …
|
CWE-22
Path Traversal
|
CVE-2018-1000208
|
2024-11-21 12:39 |
2018-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247253
|
7.2 |
HIGH
Network
|
modx
|
modx_revolution
|
MODX Revolution version <=2.6.4 contains a Incorrect Access Control vulnerability in Filtering user parameters before passing them into phpthumb class that can result in Creating file with custom a f…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-1000207
|
2024-11-21 12:39 |
2018-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247254
|
8.8 |
HIGH
Network
|
jfrog
|
artifactory
|
JFrog Artifactory version since 5.11 contains a Cross ite Request Forgery (CSRF) vulnerability in UI rest endpoints that can result in Classic CSRF attack allowing an attacker to perform actions as l…
|
CWE-352
Origin Validation Error
|
CVE-2018-1000206
|
2024-11-21 12:39 |
2018-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247255
|
7.8 |
HIGH
Local
|
yamldotnet_project
|
yamldotnet
|
YamlDotNet version 4.3.2 and earlier contains a Insecure Direct Object Reference vulnerability in The default behavior of Deserializer.Deserialize() will deserialize user-controlled types in the line…
|
CWE-502
CWE-639
Deserialization of Untrusted Data
Authorization Bypass Through User-Controlled Key
|
CVE-2018-1000210
|
2024-11-21 12:39 |
2018-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247256
|
8.8 |
HIGH
Network
|
sensu
|
sensu_core
|
Sensu, Inc. Sensu Core version Before version 1.4.2-3 contains a Insecure Permissions vulnerability in Sensu Core on Windows platforms that can result in Unprivileged users may execute code in contex…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-1000209
|
2024-11-21 12:39 |
2018-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247257
|
6.5 |
MEDIUM
Network
|
microsoft
|
internet_explorer
|
A security feature bypass vulnerability exists when Microsoft Internet Explorer improperly handles requests involving UNC resources, aka "Internet Explorer Security Feature Bypass Vulnerability." Thi…
|
NVD-CWE-noinfo
|
CVE-2018-0949
|
2024-11-21 12:39 |
2018-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247258
|
7.8 |
HIGH
Local
|
jenkins
|
aws_codebuild
|
Jenkins project Jenkins AWS CodeBuild Plugin version 0.26 and earlier contains a Insufficiently Protected Credentials vulnerability in AWSClientFactory.java, CodeBuilder.java that can result in Crede…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2018-1000404
|
2024-11-21 12:39 |
2018-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247259
|
7.8 |
HIGH
Local
|
jenkins
|
aws_codedeploy
|
Jenkins project Jenkins AWS CodeDeploy Plugin version 1.19 and earlier contains a Insufficiently Protected Credentials vulnerability in AWSCodeDeployPublisher.java that can result in Credentials Disc…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2018-1000403
|
2024-11-21 12:39 |
2018-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247260
|
4.3 |
MEDIUM
Network
|
jenkins
|
aws_codedeploy
|
Jenkins project Jenkins AWS CodeDeploy Plugin version 1.19 and earlier contains a File and Directory Information Exposure vulnerability in AWSCodeDeployPublisher.java that can result in Disclosure of…
|
CWE-200
Information Exposure
|
CVE-2018-1000402
|
2024-11-21 12:39 |
2018-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
