|
246681
|
6.5 |
MEDIUM
Network
|
easycms
|
easycms
|
EasyCMS 1.3 has CSRF via the index.php?s=/admin/user/delAll URI to delete users.
|
CWE-352
Origin Validation Error
|
CVE-2018-12971
|
2024-11-21 12:46 |
2018-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246682
|
7.5 |
HIGH
Network
|
gnu
|
binutils
|
remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2018-12934
|
2024-11-21 12:46 |
2018-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246683
|
9.8 |
CRITICAL
Network
|
winehq
|
wine
|
PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact because the attacker controls the pCre…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-12933
|
2024-11-21 12:46 |
2018-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246684
|
9.8 |
CRITICAL
Network
|
winehq
|
wine
|
PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by triggering a large pAlphaBle…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-12932
|
2024-11-21 12:46 |
2018-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246685
|
7.8 |
HIGH
Local
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possib…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-12931
|
2024-11-21 12:46 |
2018-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246686
|
7.8 |
HIGH
Local
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or pani…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-12930
|
2024-11-21 12:46 |
2018-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246687
|
5.5 |
MEDIUM
Local
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service (kernel oops or panic) via …
|
CWE-416
Use After Free
|
CVE-2018-12929
|
2024-11-21 12:46 |
2018-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246688
|
5.5 |
MEDIUM
Local
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-12928
|
2024-11-21 12:46 |
2018-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246689
|
7.5 |
HIGH
Network
|
northernnep
|
northern_electric_\&_power_inverter_firmware
|
Northern Electric & Power (NEP) inverter devices allow remote attackers to obtain potentially sensitive information via a direct request for the nep/status/index/1 URI.
|
CWE-200
Information Exposure
|
CVE-2018-12927
|
2024-11-21 12:46 |
2018-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246690
|
7.5 |
HIGH
Network
|
pharoscontrols
|
pharos_firmware
|
Pharos Controls devices allow remote attackers to obtain potentially sensitive information via a direct request for the default/index.lsp or default/log.lsp URI.
|
CWE-200
Information Exposure
|
CVE-2018-12926
|
2024-11-21 12:46 |
2018-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
