|
246801
|
4.3 |
MEDIUM
Adjacent
|
google
|
chromecast_firmware
home_firmware
|
The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scan_results JSON data, which allows remote attackers to determine t…
|
CWE-200
Information Exposure
|
CVE-2018-12716
|
2024-11-21 12:45 |
2018-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246802
|
9.8 |
CRITICAL
Network
|
linux
|
linux_kernel
|
An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace/trace_events_filter.c could be called with no filter, which is an N=0 case when it expected at least one…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-12714
|
2024-11-21 12:45 |
2018-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246803
|
9.8 |
CRITICAL
Network
|
digisol
|
dg-br4000ng_firmware
|
DIGISOL DG-BR4000NG devices have a Buffer Overflow via a long Authorization HTTP header.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-12706
|
2024-11-21 12:45 |
2018-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246804
|
6.1 |
MEDIUM
Network
|
digisol
|
dg-br4000ng_firmware
|
DIGISOL DG-BR4000NG devices have XSS via the SSID (it is validated only on the client side).
|
CWE-79
Cross-site Scripting
|
CVE-2018-12705
|
2024-11-21 12:45 |
2018-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246805
|
9.1 |
CRITICAL
Network
|
gimp
|
gimp
|
GIMP through 2.10.2 makes g_get_tmp_dir calls to establish temporary filenames, which may result in a filename that already exists, as demonstrated by the gimp_write_and_read_file function in app/tes…
|
NVD-CWE-noinfo
|
CVE-2018-12713
|
2024-11-21 12:45 |
2018-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246806
|
9.8 |
CRITICAL
Network
|
gnu
canonical
|
binutils
ubuntu_linux
|
finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds w…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-12699
|
2024-11-21 12:45 |
2018-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246807
|
7.5 |
HIGH
Network
|
gnu
canonical
|
binutils
ubuntu_linux
|
demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the t…
|
NVD-CWE-noinfo
|
CVE-2018-12698
|
2024-11-21 12:45 |
2018-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246808
|
7.5 |
HIGH
Network
|
gnu
canonical
|
binutils
ubuntu_linux
|
A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur …
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-12697
|
2024-11-21 12:45 |
2018-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246809
|
9.8 |
CRITICAL
Network
|
insteon
|
2864-222_firmware
|
The webService binary on Insteon HD IP Camera White 2864-222 devices has a Buffer Overflow via a crafted pid, pwd, or usr key in a GET request on port 34100.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-12640
|
2024-11-21 12:45 |
2018-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246810
|
6.1 |
MEDIUM
Network
|
mao10
|
mao10cms
|
mao10cms 6 allows XSS via the article page.
|
CWE-79
Cross-site Scripting
|
CVE-2018-12696
|
2024-11-21 12:45 |
2018-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
