|
247131
|
7.5 |
HIGH
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause one of the detection engine processes to run out of memory and thus…
|
NVD-CWE-noinfo
|
CVE-2018-0370
|
2024-11-21 12:38 |
2018-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247132
|
8.6 |
HIGH
Network
|
cisco
|
staros
|
A vulnerability in the reassembly logic for fragmented IPv4 packets of Cisco StarOS running on virtual platforms could allow an unauthenticated, remote attacker to trigger a reload of the npusim proc…
|
CWE-20
Improper Input Validation
|
CVE-2018-0369
|
2024-11-21 12:38 |
2018-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247133
|
7.8 |
HIGH
Local
|
cisco
|
application_policy_infrastructure_controller_enterprise_module
|
A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an authenticated, local attacker to access sensitive information on an affected system. The vulnerability is due to insu…
|
NVD-CWE-noinfo
|
CVE-2018-0368
|
2024-11-21 12:38 |
2018-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247134
|
6.1 |
MEDIUM
Network
|
cisco
|
web_security_appliance
|
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack ag…
|
CWE-79
Cross-site Scripting
|
CVE-2018-0366
|
2024-11-21 12:38 |
2018-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247135
|
9.8 |
CRITICAL
Network
|
haxx
canonical
|
curl
ubuntu_linux
|
Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits o…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-0500
|
2024-11-21 12:38 |
2018-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247136
|
6.1 |
MEDIUM
Network
|
xapian
canonical
|
xapian-core
ubuntu_linux
|
A cross-site scripting vulnerability in queryparser/termgenerator_internal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet().
|
CWE-79
Cross-site Scripting
|
CVE-2018-0499
|
2024-11-21 12:38 |
2018-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247137
|
6.1 |
MEDIUM
Network
|
5000_trillion_yen_converter_project
|
5000_trillion_yen_converter
|
Cross-site scripting vulnerability in 5000 trillion yen converter v1.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2018-0612
|
2024-11-21 12:38 |
2018-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247138
|
7.4 |
HIGH
Network
|
ana
|
ana
|
The ANA App for iOS version 4.0.22 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a cr…
|
CWE-295
Improper Certificate Validation
|
CVE-2018-0611
|
2024-11-21 12:38 |
2018-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247139
|
7.2 |
HIGH
Network
|
zenphoto
|
zenphoto
|
Local file inclusion vulnerability in Zenphoto 1.4.14 and earlier allows a remote attacker with an administrative privilege to execute arbitrary code or obtain sensitive information.
|
CWE-269
Improper Privilege Management
|
CVE-2018-0610
|
2024-11-21 12:38 |
2018-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247140
|
7.8 |
HIGH
Local
|
linecorp
|
line
|
Untrusted search path vulnerability in LINE for Windows versions before 5.8.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
CWE-426
Untrusted Search Path
|
CVE-2018-0609
|
2024-11-21 12:38 |
2018-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
