|
249741
|
5.5 |
MEDIUM
Local
|
clamav
canonical
debian
|
clamav
ubuntu_linux
debian_linux
|
ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-0360
|
2024-11-21 12:38 |
2018-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249742
|
8.8 |
HIGH
Network
|
cisco
|
ip_phone_multiplatform_firmware
|
A vulnerability in the web-based UI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware before 11.2(1) could allow an authenticated, remote attacker to perform a command injecti…
|
CWE-78
OS Command
|
CVE-2018-0341
|
2024-11-21 12:38 |
2018-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249743
|
7.5 |
HIGH
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the detection engine parsing of Security Socket Layer (SSL) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial o…
|
CWE-20
Improper Input Validation
|
CVE-2018-0385
|
2024-11-21 12:38 |
2018-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249744
|
5.8 |
MEDIUM
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traf…
|
CWE-693
Protection Mechanism Failure
|
CVE-2018-0384
|
2024-11-21 12:38 |
2018-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249745
|
8.6 |
HIGH
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the transfer of files to…
|
CWE-693
Protection Mechanism Failure
|
CVE-2018-0383
|
2024-11-21 12:38 |
2018-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249746
|
7.5 |
HIGH
Network
|
cisco
|
firepower_management_center
|
A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause one of the detection engine processes to run out of memory and thus…
|
NVD-CWE-noinfo
|
CVE-2018-0370
|
2024-11-21 12:38 |
2018-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249747
|
8.6 |
HIGH
Network
|
cisco
|
staros
|
A vulnerability in the reassembly logic for fragmented IPv4 packets of Cisco StarOS running on virtual platforms could allow an unauthenticated, remote attacker to trigger a reload of the npusim proc…
|
CWE-20
Improper Input Validation
|
CVE-2018-0369
|
2024-11-21 12:38 |
2018-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249748
|
7.8 |
HIGH
Local
|
cisco
|
application_policy_infrastructure_controller_enterprise_module
|
A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an authenticated, local attacker to access sensitive information on an affected system. The vulnerability is due to insu…
|
NVD-CWE-noinfo
|
CVE-2018-0368
|
2024-11-21 12:38 |
2018-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249749
|
6.1 |
MEDIUM
Network
|
cisco
|
web_security_appliance
|
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack ag…
|
CWE-79
Cross-site Scripting
|
CVE-2018-0366
|
2024-11-21 12:38 |
2018-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249750
|
9.8 |
CRITICAL
Network
|
haxx
canonical
|
curl
ubuntu_linux
|
Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits o…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-0500
|
2024-11-21 12:38 |
2018-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
