|
251981
|
8.8 |
HIGH
Network
|
electronjs
|
electron
|
Github Electron version Electron 1.8.2-beta.4 and earlier contains a Command Injection vulnerability in Protocol Handler that can result in command execute. This attack appear to be exploitable via t…
|
CWE-78
OS Command
|
CVE-2018-1000118
|
2024-11-21 12:39 |
2018-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251982
|
9.8 |
CRITICAL
Network
|
mingw-w64
|
mingw-w64
|
Mingw-w64 version 5.0.3 and earlier, 5.0.4, 6.0.0 and 7.0.0 contains an Improper Null Termination (CWE-170) vulnerability in mingw-w64-crt (libc)->(v)snprintf that can result in The bug may be used t…
|
NVD-CWE-noinfo
|
CVE-2018-1000101
|
2024-11-21 12:39 |
2018-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251983
|
7.8 |
HIGH
Local
|
gpac_project
canonical
|
gpac
ubuntu_linux
|
GPAC MP4Box version 0.7.1 and earlier contains a Buffer Overflow vulnerability in src/isomedia/avc_ext.c lines 2417 to 2420 that can result in Heap chunks being modified, this could lead to RCE. This…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-1000100
|
2024-11-21 12:39 |
2018-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251984
|
7.5 |
HIGH
Network
|
memcached
canonical
debian
redhat
|
memcached
ubuntu_linux
debian_linux
openstack
|
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-1000115
|
2024-11-21 12:39 |
2018-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251985
|
6.1 |
MEDIUM
Network
|
microsoft
|
identity_manager
|
Microsoft Identity Manager 2016 SP1 allows an attacker to gain elevated privileges when it does not properly sanitize a specially crafted attribute value being displayed to a user on an affected MIM …
|
CWE-79
Cross-site Scripting
|
CVE-2018-0908
|
2024-11-21 12:39 |
2018-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251986
|
5.3 |
MEDIUM
Network
|
jenkins
oracle
|
jenkins
communications_cloud_native_core_automated_test_suite
|
An improper input validation vulnerability exists in Jenkins versions 2.106 and earlier, and LTS 2.89.3 and earlier, that allows an attacker to access plugin resource files in the META-INF and WEB-IN…
|
CWE-200
Information Exposure
|
CVE-2018-1000068
|
2024-11-21 12:39 |
2018-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251987
|
5.3 |
MEDIUM
Network
|
jenkins
oracle
|
jenkins
communications_cloud_native_core_automated_test_suite
|
An improper authorization vulnerability exists in Jenkins versions 2.106 and earlier, and LTS 2.89.3 and earlier, that allows an attacker to have Jenkins submit HTTP GET requests and get limited info…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2018-1000067
|
2024-11-21 12:39 |
2018-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251988
|
5.4 |
MEDIUM
Network
|
microsoft
|
sharepoint_enterprise_server
|
SharePoint Server 2016 allows an elevation of privilege vulnerability due to how web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".
|
CWE-79
Cross-site Scripting
|
CVE-2018-0869
|
2024-11-21 12:39 |
2018-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251989
|
5.4 |
MEDIUM
Network
|
microsoft
|
sharepoint_server
|
SharePoint Project Server 2013 and SharePoint Enterprise Server 2016 allow an information disclosure vulnerability due to how web requests are handled, aka "Microsoft SharePoint Information Disclosur…
|
CWE-79
Cross-site Scripting
|
CVE-2018-0864
|
2024-11-21 12:39 |
2018-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251990
|
7.5 |
HIGH
Network
|
microsoft
|
edge
|
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corrup…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-0861
|
2024-11-21 12:39 |
2018-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
