|
247741
|
8.8 |
HIGH
Network
|
liblouis
canonical
opensuse
|
liblouis
ubuntu_linux
leap
|
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compileHyphenation in compileTranslationTable.c.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-11685
|
2024-11-21 12:43 |
2018-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247742
|
8.8 |
HIGH
Network
|
liblouis
canonical
opensuse
|
liblouis
ubuntu_linux
leap
|
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-11684
|
2024-11-21 12:43 |
2018-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247743
|
8.8 |
HIGH
Network
|
liblouis
canonical
opensuse
|
liblouis
ubuntu_linux
leap
|
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-11683
|
2024-11-21 12:43 |
2018-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247744
|
6.5 |
MEDIUM
Network
|
cmseasy
|
cmseasy
|
An issue was discovered in CmsEasy 6.1_20180508. There is a CSRF vulnerability in the rich text editor that can add an IFRAME element. This might be used in a DoS attack if a referenced remote URL is…
|
CWE-352
Origin Validation Error
|
CVE-2018-11680
|
2024-11-21 12:43 |
2018-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247745
|
8.8 |
HIGH
Network
|
cmseasy
|
cmseasy
|
An issue was discovered in CmsEasy 6.1_20180508. There is a CSRF vulnerability that can add an article via /index.php?case=table&act=add&table=archive&admin_dir=admin.
|
CWE-352
Origin Validation Error
|
CVE-2018-11679
|
2024-11-21 12:43 |
2018-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247746
|
9.8 |
CRITICAL
Network
|
lutron
|
stanza_firmware
radiora_2_firmware
homeworks_qs_firmware
|
Default and unremovable support credentials allow attackers to gain total super user control of an IoT device through a TELNET session to products using the Stanza Lutron integration protocol Revisio…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2018-11682
|
2024-11-21 12:43 |
2018-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247747
|
9.8 |
CRITICAL
Network
|
lutron
|
stanza_firmware
radiora_2_firmware
homeworks_qs_firmware
|
Default and unremovable support credentials (user:nwk password:nwk2) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the RadioRA 2 Lutron …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2018-11681
|
2024-11-21 12:43 |
2018-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247748
|
9.8 |
CRITICAL
Network
|
lutron
|
stanza_firmware
radiora_2_firmware
homeworks_qs_firmware
|
Default and unremovable support credentials (user:lutron password:integration) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the HomeWor…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2018-11629
|
2024-11-21 12:43 |
2018-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247749
|
4.8 |
MEDIUM
Network
|
pagekit
|
pagekit
|
Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to upload malicious code via the picture upload feature. A user with elevated privileges could upload a photo to the system in an SVG f…
|
CWE-79
Cross-site Scripting
|
CVE-2018-11564
|
2024-11-21 12:43 |
2018-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247750
|
6.1 |
MEDIUM
Network
|
yosoro_project
|
yosoro
|
Yosoro 1.0.4 has stored XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2018-11522
|
2024-11-21 12:43 |
2018-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
