|
249201
|
4.8 |
MEDIUM
Network
|
redhat
|
ovirt-engine
|
oVirt version 4.2.0 to 4.2.2 contains a Cross Site Scripting (XSS) vulnerability in the name/description of VMs portion of the web admin application. This vulnerability appears to have been fixed in …
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000095
|
2024-11-21 12:39 |
2018-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249202
|
7.2 |
HIGH
Network
|
cmsmadesimple
|
cms_made_simple
|
CMS Made Simple version 2.2.5 contains a Remote Code Execution vulnerability in File Manager that can result in Allows an authenticated admin that has access to the file manager to execute code on th…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2018-1000094
|
2024-11-21 12:39 |
2018-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249203
|
5.9 |
MEDIUM
Network
|
sinatrarb
|
rack-protection
|
Sinatra rack-protection versions 1.5.4 and 2.0.0.rc3 and earlier contains a timing attack vulnerability in the CSRF token checking that can result in signatures can be exposed. This attack appear to …
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2018-1000119
|
2024-11-21 12:39 |
2018-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249204
|
6.7 |
MEDIUM
Local
|
python
|
python
|
Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, li…
|
CWE-120
Classic Buffer Overflow
|
CVE-2018-1000117
|
2024-11-21 12:39 |
2018-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249205
|
9.8 |
CRITICAL
Network
|
net-snmp
debian
|
net-snmp
debian_linux
|
NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-1000116
|
2024-11-21 12:39 |
2018-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249206
|
8.8 |
HIGH
Network
|
electronjs
|
electron
|
Github Electron version Electron 1.8.2-beta.4 and earlier contains a Command Injection vulnerability in Protocol Handler that can result in command execute. This attack appear to be exploitable via t…
|
CWE-78
OS Command
|
CVE-2018-1000118
|
2024-11-21 12:39 |
2018-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249207
|
9.8 |
CRITICAL
Network
|
mingw-w64
|
mingw-w64
|
Mingw-w64 version 5.0.3 and earlier, 5.0.4, 6.0.0 and 7.0.0 contains an Improper Null Termination (CWE-170) vulnerability in mingw-w64-crt (libc)->(v)snprintf that can result in The bug may be used t…
|
NVD-CWE-noinfo
|
CVE-2018-1000101
|
2024-11-21 12:39 |
2018-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249208
|
7.8 |
HIGH
Local
|
gpac_project
canonical
|
gpac
ubuntu_linux
|
GPAC MP4Box version 0.7.1 and earlier contains a Buffer Overflow vulnerability in src/isomedia/avc_ext.c lines 2417 to 2420 that can result in Heap chunks being modified, this could lead to RCE. This…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-1000100
|
2024-11-21 12:39 |
2018-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249209
|
7.5 |
HIGH
Network
|
memcached
canonical
debian
redhat
|
memcached
ubuntu_linux
debian_linux
openstack
|
Memcached version 1.5.5 contains an Insufficient Control of Network Message Volume (Network Amplification, CWE-406) vulnerability in the UDP support of the memcached server that can result in denial …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-1000115
|
2024-11-21 12:39 |
2018-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249210
|
6.1 |
MEDIUM
Network
|
microsoft
|
identity_manager
|
Microsoft Identity Manager 2016 SP1 allows an attacker to gain elevated privileges when it does not properly sanitize a specially crafted attribute value being displayed to a user on an affected MIM …
|
CWE-79
Cross-site Scripting
|
CVE-2018-0908
|
2024-11-21 12:39 |
2018-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
