|
247751
|
9.8 |
CRITICAL
Network
|
emc
|
esrs_policy_manager
|
Dell EMC ESRS Policy Manager versions 6.8 and prior contain a remote code execution vulnerability due to improper configurations of triggered JMX services. A remote unauthenticated attacker may poten…
|
NVD-CWE-noinfo
|
CVE-2018-15764
|
2024-11-21 12:51 |
2018-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247752
|
6.7 |
MEDIUM
Local
|
avaya
|
aura_communication_manager
|
A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected vers…
|
NVD-CWE-noinfo
|
CVE-2018-15611
|
2024-11-21 12:51 |
2018-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247753
|
9.8 |
CRITICAL
Network
|
javamelody_project
|
javamelody
|
JavaMelody before 1.74.0 has XXE via parseSoapMethodName in bull/javamelody/PayloadNameRequestWrapper.java.
|
CWE-611
XXE
|
CVE-2018-15531
|
2024-11-21 12:51 |
2018-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247754
|
7.5 |
HIGH
Network
|
xelerance
|
openswan
|
In verify_signed_hash() in lib/liboswkeys/signatures.c in Openswan before 2.6.50.1, the RSA implementation does not verify the value of padding string during PKCS#1 v1.5 signature verification. Conse…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2018-15836
|
2024-11-21 12:51 |
2018-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247755
|
6.1 |
MEDIUM
Network
|
salesagility
|
suitecrm
|
An XSS issue was discovered in SalesAgility SuiteCRM 7.x before 7.8.21 and 7.10.x before 7.10.8, related to phishing an error message.
|
CWE-79
Cross-site Scripting
|
CVE-2018-15606
|
2024-11-21 12:51 |
2018-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247756
|
7.5 |
HIGH
Network
|
adobe
redhat
|
flash_player_desktop_runtime
flash_player
enterprise_linux_desktop
enterprise_linux_server
enterprise_linux_workstation
|
Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to information disclosure.
|
CWE-200
Information Exposure
|
CVE-2018-15967
|
2024-11-21 12:51 |
2018-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247757
|
9.8 |
CRITICAL
Network
|
adobe
|
coldfusion
|
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2018-15965
|
2024-11-21 12:51 |
2018-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247758
|
7.5 |
HIGH
Network
|
adobe
|
coldfusion
|
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a use of a component with a known vulnerability vulnerability. Successful exploitatio…
|
CWE-200
Information Exposure
|
CVE-2018-15964
|
2024-11-21 12:51 |
2018-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247759
|
5.3 |
MEDIUM
Network
|
adobe
|
coldfusion
|
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary fold…
|
NVD-CWE-noinfo
|
CVE-2018-15963
|
2024-11-21 12:51 |
2018-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247760
|
5.3 |
MEDIUM
Network
|
adobe
|
coldfusion
|
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a directory listing vulnerability. Successful exploitation could lead to information …
|
CWE-200
Information Exposure
|
CVE-2018-15962
|
2024-11-21 12:51 |
2018-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
