|
247581
|
8.8 |
HIGH
Network
|
nasa
|
rtretrievalframework
|
NASA RtRetrievalFramework version v1.0 contains a CWE-502 vulnerability in Data retrieval functionality of RtRetrieval framework that can result in remote code execution. This attack appear to be exp…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2018-1000048
|
2024-11-21 12:39 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247582
|
8.8 |
HIGH
Network
|
nasa
|
kodiak
|
NASA Kodiak version v1.0 contains a CWE-502 vulnerability in Kodiak library's data processing function that can result in remote code execution. This attack appear to be exploitable via Victim opens …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2018-1000047
|
2024-11-21 12:39 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247583
|
7.8 |
HIGH
Local
|
nasa
|
pyblock
|
NASA Pyblock version v1.0 - v1.3 contains a CWE-502 vulnerability in Radar data parsing library that can result in remote code execution. This attack appear to be exploitable via Victim opening a spe…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2018-1000046
|
2024-11-21 12:39 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247584
|
7.8 |
HIGH
Local
|
nasa
|
singledop
|
NASA Singledop version v1.0 contains a CWE-502 vulnerability in NASA Singledop library (Weather data) that can result in remote code execution. This attack appear to be exploitable via Victim opening…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2018-1000045
|
2024-11-21 12:39 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247585
|
9.8 |
CRITICAL
Network
|
securityonion
|
squert
|
Security Onion Solutions Squert version 1.1.1 through 1.6.7 contains a SQL Injection vulnerability in .inc/callback.php that can result in execution of SQL commands. This attack appear to be exploita…
|
CWE-89
SQL Injection
|
CVE-2018-1000044
|
2024-11-21 12:39 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247586
|
9.8 |
CRITICAL
Network
|
securityonion
|
squert
|
Security Onion Solutions Squert version 1.0.1 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.…
|
CWE-78
OS Command
|
CVE-2018-1000043
|
2024-11-21 12:39 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247587
|
9.8 |
CRITICAL
Network
|
securityonion
|
squert
|
Security Onion Solutions Squert version 1.3.0 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.…
|
CWE-78
OS Command
|
CVE-2018-1000042
|
2024-11-21 12:39 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247588
|
8.8 |
HIGH
Network
|
gnome
debian
|
librsvg
debian_linux
|
GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM …
|
NVD-CWE-noinfo
|
CVE-2018-1000041
|
2024-11-21 12:39 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247589
|
7.8 |
HIGH
Local
|
unzip_project
|
unzip
|
A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve co…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-1000035
|
2024-11-21 12:39 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247590
|
9.1 |
CRITICAL
Network
|
info-zip
|
unzip
|
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-1000034
|
2024-11-21 12:39 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
