|
246641
|
9.8 |
CRITICAL
Network
|
sam2p_project
debian
|
sam2p
debian_linux
|
There is a heap-based buffer overflow in ReadImage in input-tga.ci in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-12601
|
2024-11-21 12:45 |
2018-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246642
|
8.8 |
HIGH
Network
|
debian
canonical
imagemagick
|
debian_linux
ubuntu_linux
imagemagick
|
In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-12600
|
2024-11-21 12:45 |
2018-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246643
|
8.8 |
HIGH
Network
|
debian
canonical
imagemagick
|
debian_linux
ubuntu_linux
imagemagick
|
In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-12599
|
2024-11-21 12:45 |
2018-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246644
|
7.5 |
HIGH
Network
|
email\
|
\
|
The parse() method in the Email::Address module through 1.909 for Perl is vulnerable to Algorithmic complexity on specially prepared input, leading to Denial of Service. Prepared special input that c…
|
CWE-407
Inefficient Algorithmic Complexity
|
CVE-2018-12558
|
2024-11-21 12:45 |
2018-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246645
|
7.5 |
HIGH
Network
|
reliablecontrols
|
mach-prowebcom_firmware
|
Reliable Controls MACH-ProWebCom 7.80 devices allow remote attackers to obtain sensitive information via a direct request for the data/fileinfo.xml or job/job.json file, as demonstrated the Master Pa…
|
CWE-200
Information Exposure
|
CVE-2018-12594
|
2024-11-21 12:45 |
2018-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246646
|
7.5 |
HIGH
Network
|
polycom
|
realpresence_web_suite
|
Polycom RealPresence Web Suite before 2.2.0 does not block a user's video for a few seconds upon joining a meeting (when the user has explicitly chosen to turn off the video using a specific option).…
|
CWE-200
Information Exposure
|
CVE-2018-12592
|
2024-11-21 12:45 |
2018-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246647
|
7.2 |
HIGH
Network
|
ubnt
|
edgeswitch_firmware
|
Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an improperly neutralized element in an OS command due to lack of protection on the admin CLI, leading to code execution and privilege…
|
CWE-78
OS Command
|
CVE-2018-12591
|
2024-11-21 12:45 |
2018-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246648
|
7.2 |
HIGH
Network
|
ui
|
edgeswitch_firmware
|
Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an externally controlled format-string vulnerability due to lack of protection on the admin CLI, leading to code execution and privile…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2018-12590
|
2024-11-21 12:45 |
2018-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246649
|
3.6 |
LOW
Local
|
dropbox
|
dropbox
|
An issue was discovered in the com.dropbox.android application 98.2.2 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return val…
|
CWE-287
Improper Authentication
|
CVE-2018-12446
|
2024-11-21 12:45 |
2018-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246650
|
6.1 |
MEDIUM
Network
|
public_knowledge_project
|
open_monograph_press
|
Cross-site scripting (XSS) vulnerability in templates/frontend/pages/searchResults.tpl in Public Knowledge Project (PKP) Open Monograph Press (OMP) v1.2.0 through 3.1.1-2 before 3.1.1-3 allows remote…
|
CWE-79
Cross-site Scripting
|
CVE-2018-12588
|
2024-11-21 12:45 |
2018-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
