|
246771
|
9.8 |
CRITICAL
Network
|
adobe
|
acrobat_dc
acrobat_reader_dc
|
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead …
|
CWE-787
Out-of-bounds Write
|
CVE-2018-12754
|
2024-11-21 12:45 |
2018-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246772
|
5.4 |
MEDIUM
Network
|
jeesns
|
jeesns
|
JEESNS through 1.2.1 allows XSS attacks by ordinary users who publish articles containing a crafted payload in order to capture an administrator cookie.
|
CWE-79
Cross-site Scripting
|
CVE-2018-12429
|
2024-11-21 12:45 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246773
|
9.8 |
CRITICAL
Network
|
resiprocate
debian
|
resiprocate
debian_linux
|
The ConnectionBase::preparseNewBytes function in resip/stack/ConnectionBase.cxx in reSIProcate through 1.10.2 allows remote attackers to cause a denial of service (buffer overflow) or possibly execut…
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-12584
|
2024-11-21 12:45 |
2018-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246774
|
9.8 |
CRITICAL
Network
|
hp
|
fortify_software_security_center
|
An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC), version 17.1, 17.2, 18.1 allows remote unauthenticated users to read arbitrary files or conduct server-side reque…
|
CWE-611
XXE
|
CVE-2018-12463
|
2024-11-21 12:45 |
2018-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246775
|
8.8 |
HIGH
Network
|
eclipse
|
vert.x
|
In version from 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler do not assert that the XSRF Cookie matches the returned XSRF header/form parameter. This allows replay attacks with previously issued…
|
CWE-352
Origin Validation Error
|
CVE-2018-12540
|
2024-11-21 12:45 |
2018-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246776
|
6.1 |
MEDIUM
Network
|
netiq
|
imanager
|
NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities.
|
CWE-79
Cross-site Scripting
|
CVE-2018-12462
|
2024-11-21 12:45 |
2018-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246777
|
7.5 |
HIGH
Network
|
netiq
|
edirectory
|
Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking certificate revocation.
|
CWE-295
Improper Certificate Validation
|
CVE-2018-12461
|
2024-11-21 12:45 |
2018-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246778
|
8.8 |
HIGH
Network
|
beescms
|
beescms
|
In BEESCMS 4.0, CSRF allows administrators to be added arbitrarily, a related issue to CVE-2018-10266.
|
CWE-352
Origin Validation Error
|
CVE-2018-12739
|
2024-11-21 12:45 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246779
|
9.8 |
CRITICAL
Network
|
microsoft
|
forefront_unified_access_gateway
|
uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of UR…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2018-12571
|
2024-11-21 12:45 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246780
|
8.1 |
HIGH
Network
|
ntop
|
ntopng
|
An issue was discovered in ntopng 3.4 before 3.4.180617. The PRNG involved in the generation of session IDs is not seeded at program startup. This results in deterministic session IDs being allocated…
|
CWE-335
Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)
|
CVE-2018-12520
|
2024-11-21 12:45 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
