|
248731
|
9.8 |
CRITICAL
Network
|
tcpdump
|
tcpdump
|
tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).
|
CWE-20
Improper Input Validation
|
CVE-2018-10103
|
2024-11-21 12:40 |
2019-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248732
|
9.8 |
CRITICAL
Network
|
kromtech
|
mackeeper
|
Kromtech MacKeeper 3.20.4 suffers from a root privilege escalation vulnerability through its `com.mackeeper.AdwareAnalyzer.AdwareAnalyzerPrivilegedHelper` component. The AdwareAnalzyerPrivilegedHelpe…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-10171
|
2024-11-21 12:40 |
2019-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248733
|
8.1 |
HIGH
Network
|
google
|
tensorflow
|
Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 could cause a crash or read from other parts of process memory via a crafted confi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-10055
|
2024-11-21 12:40 |
2019-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248734
|
8.8 |
HIGH
Network
|
audiocodes
|
420hd_ip_phone_firmware
|
AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow Remote Code Execution.
|
CWE-862
Missing Authorization
|
CVE-2018-10093
|
2024-11-21 12:40 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248735
|
4.8 |
MEDIUM
Network
|
audiocodes
|
420hd_ip_phone_firmware
|
AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2018-10091
|
2024-11-21 12:40 |
2019-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248736
|
6.1 |
MEDIUM
Network
|
freebsd
|
cvsweb
|
FreeBSD CVSweb version 2.x contains a Cross Site Scripting (XSS) vulnerability in all pages that can result in limited impact--CVSweb is anonymous & read-only. It might impact other sites on same dom…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000998
|
2024-11-21 12:40 |
2019-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248737
|
6.5 |
MEDIUM
Network
|
jenkins
|
jenkins
|
A path traversal vulnerability exists in the Stapler web framework used by Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/org/kohsuke/stapler/Facet.java, groovy/src/main/jav…
|
CWE-22
Path Traversal
|
CVE-2018-1000997
|
2024-11-21 12:40 |
2019-01-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248738
|
6.1 |
MEDIUM
Network
|
jenkins
|
git_changelog
|
A cross-site scripting vulnerability exists in Jenkins Git Changelog Plugin 2.6 and earlier in GitChangelogSummaryDecorator/summary.jelly, GitChangelogLeftsideBuildDecorator/badge.jelly, GitLogJiraFi…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000426
|
2024-11-21 12:40 |
2019-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248739
|
7.8 |
HIGH
Local
|
sonarsource
|
sonarqube_scanner
|
An insufficiently protected credentials vulnerability exists in Jenkins SonarQube Scanner Plugin 2.8 and earlier in SonarInstallation.java that allows attackers with local file system access to obtai…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2018-1000425
|
2024-11-21 12:40 |
2019-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248740
|
7.8 |
HIGH
Local
|
jfrog
|
artifactory
|
An insufficiently protected credentials vulnerability exists in Jenkins Artifactory Plugin 2.16.1 and earlier in ArtifactoryBuilder.java, CredentialsConfig.java that allows attackers with local file …
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2018-1000424
|
2024-11-21 12:40 |
2019-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
