|
248131
|
5.4 |
MEDIUM
Network
|
frogcms_project
|
frogcms
|
An issue was discovered in Frog CMS 0.9.5. There is a reflected Cross Site Scripting Vulnerability via the file[current_name] parameter to the admin/?/plugin/file_manager/rename URI. This can be used…
|
CWE-352
CWE-79
Origin Validation Error
Cross-site Scripting
|
CVE-2018-10806
|
2024-11-21 12:42 |
2018-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248132
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2018-10805
|
2024-11-21 12:42 |
2018-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248133
|
6.5 |
MEDIUM
Network
|
imagemagick
canonical
|
imagemagick
ubuntu_linux
|
ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2018-10804
|
2024-11-21 12:42 |
2018-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248134
|
6.5 |
MEDIUM
Network
|
libtiff
|
libtiff
|
TIFFClientOpen in tif_unix.c in LibTIFF 3.8.2 has memory leaks, as demonstrated by bmp2tiff.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2018-10801
|
2024-11-21 12:42 |
2018-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248135
|
6.5 |
MEDIUM
Network
|
brave
|
brave
|
A hang issue was discovered in Brave before 0.14.0 (on, for example, Linux). This vulnerability is caused by the mishandling of a long URL formed by window.location+='?\u202a\uFEFF\u202b'; concatenat…
|
CWE-20
Improper Input Validation
|
CVE-2018-10799
|
2024-11-21 12:42 |
2018-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248136
|
6.5 |
MEDIUM
Network
|
brave
|
brave
|
A hang issue was discovered in Brave before 0.14.0 (on, for example, Linux). The vulnerability is caused by mishandling of JavaScript code that triggers the reload of a page continuously with an inte…
|
CWE-20
Improper Input Validation
|
CVE-2018-10798
|
2024-11-21 12:42 |
2018-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248137
|
7.8 |
HIGH
Local
|
2345_security_guard_project
|
2345_security_guard
|
In 2345 Security Guard 3.7, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input valu…
|
CWE-20
Improper Input Validation
|
CVE-2018-10796
|
2024-11-21 12:42 |
2018-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248138
|
8.8 |
HIGH
Network
|
liferay
|
liferay_portal
|
Liferay 6.2.x and before has an FCKeditor configuration that allows an attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment via…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2018-10795
|
2024-11-21 12:42 |
2018-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248139
|
6.5 |
MEDIUM
Network
|
exiv2
|
exiv2
|
Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based buffer over-read.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-10780
|
2024-11-21 12:42 |
2018-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248140
|
6.5 |
MEDIUM
Network
|
libtiff
canonical
|
libtiff
ubuntu_linux
|
TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-10779
|
2024-11-21 12:42 |
2018-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
