|
247951
|
7.8 |
HIGH
Local
|
transmissionbt
debian
fedoraproject
|
transmission
debian_linux
fedora
|
Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted torrent file.
|
CWE-416
Use After Free
|
CVE-2018-10756
|
2024-11-21 12:41 |
2020-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247952
|
6.1 |
MEDIUM
Network
|
yii2cmf_project
|
yii2cmf
|
yidashi yii2cmf 2.0 has XSS via the /search q parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2018-10704
|
2024-11-21 12:41 |
2020-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247953
|
8.8 |
HIGH
Network
|
jamf
|
jamf
|
Jamf Pro 10.x before 10.3.0 has Incorrect Access Control. Jamf Pro user accounts and groups with access to log in to Jamf Pro had full access to endpoints in the Universal API (UAPI), regardless of a…
|
NVD-CWE-noinfo
|
CVE-2018-10465
|
2024-11-21 12:41 |
2020-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247954
|
9.8 |
CRITICAL
Network
|
open_tftp_server_project
|
open_tftp_server
|
Format string vulnerability in the logMess function in TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in …
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2018-10389
|
2024-11-21 12:41 |
2019-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247955
|
9.8 |
CRITICAL
Network
|
open_tftp_server_project
|
open_tftp_server
|
Format string vulnerability in the logMess function in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in …
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2018-10388
|
2024-11-21 12:41 |
2019-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247956
|
9.8 |
CRITICAL
Network
|
open_tftp_server_project
|
open_tftp_server
|
Heap-based overflow vulnerability in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or possibly execute arbitrary code via a long TFTP error packet, a differen…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-10387
|
2024-11-21 12:41 |
2019-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247957
|
6.1 |
MEDIUM
Network
|
fabrikar
|
fabrik
|
Reflected Cross-Site Scripting (XSS) vulnerability in the fabrik_referrer hidden field in the Fabrikar Fabrik component through v3.8.1 for Joomla! allows remote attackers to inject arbitrary web scri…
|
CWE-79
Cross-site Scripting
|
CVE-2018-10727
|
2024-11-21 12:41 |
2019-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247958
|
7.5 |
HIGH
Network
|
americasarmy
|
proving_grounds
|
An issue was discovered in the America's Army Proving Grounds platform for the Unreal Engine. With a false packet sent via UDP, the application server responds with several bytes, giving the possibil…
|
CWE-20
Improper Input Validation
|
CVE-2018-10531
|
2024-11-21 12:41 |
2019-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247959
|
6.7 |
MEDIUM
Local
|
infoblox
|
nios
|
A privilege escalation vulnerability in the "support access" feature on Infoblox NIOS 6.8 through 8.4.1 could allow a locally authenticated administrator to temporarily gain additional privileges on …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2018-10239
|
2024-11-21 12:41 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247960
|
8.8 |
HIGH
Network
|
moxa
|
awk-3121_firmware
|
An issue was discovered on Moxa AWK-3121 1.14 devices. It provides functionality so that an administrator can run scripts on the device to troubleshoot any issues. However, the same functionality all…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-10703
|
2024-11-21 12:41 |
2019-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
