|
247771
|
4.3 |
MEDIUM
Adjacent
|
rondaful_project
|
rondaful_m1_wristband_smart_band_1_firmware
|
Rondaful M1 Wristband Smart Band 1 devices allow remote attackers to send an arbitrary number of call or SMS notifications via crafted Bluetooth Low Energy (BLE) traffic.
|
NVD-CWE-noinfo
|
CVE-2018-11631
|
2024-11-21 12:43 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247772
|
6.1 |
MEDIUM
Network
|
sinatrarb
redhat
|
sinatra
cloudforms
|
Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception.
|
CWE-79
Cross-site Scripting
|
CVE-2018-11627
|
2024-11-21 12:43 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247773
|
7.5 |
HIGH
Network
|
simple_lossless_audio_project
|
simple_lossless_audio
|
SELA (aka SimplE Lossless Audio) v0.1.2-alpha has a stack-based buffer overflow in the core/apev2.c init_apev2_keys function.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-11626
|
2024-11-21 12:43 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247774
|
8.8 |
HIGH
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-11625
|
2024-11-21 12:43 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247775
|
8.8 |
HIGH
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.7-36 Q16, the ReadMATImage function in coders/mat.c allows attackers to cause a use after free via a crafted file.
|
CWE-416
Use After Free
|
CVE-2018-11624
|
2024-11-21 12:43 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247776
|
7.1 |
HIGH
Local
|
espruino
|
espruino
|
Espruino before 1.99 allows attackers to cause a denial of service (application crash) and a potential Information Disclosure with user crafted input files via a Buffer Overflow or Out-of-bounds Read…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-11598
|
2024-11-21 12:43 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247777
|
5.5 |
MEDIUM
Local
|
espruino
|
espruino
|
Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via a Buffer Overflow during syntax parsing because of a missing check for stack …
|
CWE-674
Uncontrolled Recursion
|
CVE-2018-11597
|
2024-11-21 12:43 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247778
|
5.5 |
MEDIUM
Local
|
espruino
|
espruino
|
Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via a Buffer Overflow during syntax parsing because a check for '\0' is made for …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11596
|
2024-11-21 12:43 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247779
|
7.8 |
HIGH
Local
|
espruino
|
espruino
|
Espruino before 1.99 allows attackers to cause a denial of service (application crash) and a potential Escalation of Privileges with a user crafted input file via a Buffer Overflow during syntax pars…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11595
|
2024-11-21 12:43 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247780
|
5.5 |
MEDIUM
Local
|
espruino
|
espruino
|
Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via a Buffer Overflow during syntax parsing of "VOID" tokens in jsparse.c.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11594
|
2024-11-21 12:43 |
2018-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
