|
246881
|
7.5 |
HIGH
Network
|
ecos
|
secure_boot_stick_firmware
|
Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via a virtualization attack.
|
NVD-CWE-noinfo
|
CVE-2018-12334
|
2024-11-21 12:45 |
2018-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246882
|
8.1 |
HIGH
Network
|
ecos
|
secure_boot_stick_firmware
|
Insufficient Verification of Data Authenticity vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to manipulate security relevant configurations and execute malicious code.
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2018-12333
|
2024-11-21 12:45 |
2018-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246883
|
4.2 |
MEDIUM
Physics
|
ecos
|
secure_boot_stick_firmware
|
Incomplete Cleanup vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via a compromised host PC after a reset.
|
CWE-459
Incomplete Cleanup
|
CVE-2018-12332
|
2024-11-21 12:45 |
2018-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246884
|
7.4 |
HIGH
Network
|
ecos
|
system_management_appliance
|
Authentication Bypass by Spoofing vulnerability in ECOS System Management Appliance (aka SMA) 5.2.68 allows a man-in-the-middle attacker to compromise authentication keys and configurations via IP sp…
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2018-12331
|
2024-11-21 12:45 |
2018-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246885
|
8.1 |
HIGH
Network
|
ecos
|
secure_boot_stick_firmware
|
Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via compromised firmware.
|
NVD-CWE-noinfo
|
CVE-2018-12330
|
2024-11-21 12:45 |
2018-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246886
|
5.9 |
MEDIUM
Network
|
ecos
|
secure_boot_stick_firmware
|
Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows a local attacker to duplicate an authentication factor via cloning.
|
CWE-200
Information Exposure
|
CVE-2018-12329
|
2024-11-21 12:45 |
2018-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246887
|
7.5 |
HIGH
Network
|
1000guess
|
1000_guess
|
The _addguess function of a simplelottery smart contract implementation for 1000 Guess, an Ethereum gambling game, generates a random value with publicly readable variables such as the current block …
|
CWE-338
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
|
CVE-2018-12454
|
2024-11-21 12:45 |
2018-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246888
|
7.5 |
HIGH
Network
|
redislabs
|
redis
|
Type confusion in the xgroupCommand function in t_stream.c in redis-server in Redis before 5.0 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a strea…
|
CWE-704
Incorrect Type Conversion or Cast
|
CVE-2018-12453
|
2024-11-21 12:45 |
2018-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246889
|
7.5 |
HIGH
Network
|
tinyexr_project
|
tinyexr
|
tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tinyexr.h.
|
CWE-617
Reachable Assertion
|
CVE-2018-12504
|
2024-11-21 12:45 |
2018-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246890
|
9.8 |
CRITICAL
Network
|
tinyexr_project
|
tinyexr
|
tinyexr 0.9.5 has a heap-based buffer over-read in LoadEXRImageFromMemory in tinyexr.h.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-12503
|
2024-11-21 12:45 |
2018-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
