|
249301
|
8.8 |
HIGH
Network
|
jenkins
|
dry
|
Jenkins DRY Plugin 2.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Je…
|
CWE-611
XXE
|
CVE-2018-1000010
|
2024-11-21 12:39 |
2018-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249302
|
8.8 |
HIGH
Network
|
jenkins
|
checkstyle
|
Jenkins Checkstyle Plugin 3.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from…
|
CWE-611
XXE
|
CVE-2018-1000009
|
2024-11-21 12:39 |
2018-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249303
|
8.8 |
HIGH
Network
|
jenkins
|
pmd
|
Jenkins PMD Plugin 3.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Je…
|
CWE-611
XXE
|
CVE-2018-1000008
|
2024-11-21 12:39 |
2018-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249304
|
8.8 |
HIGH
Network
|
microsoft
|
word
office
office_compatibility_pack
|
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way ob…
|
NVD-CWE-noinfo
|
CVE-2018-0862
|
2024-11-21 12:39 |
2018-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249305
|
8.8 |
HIGH
Network
|
microsoft
|
word
office
office_compatibility_pack
|
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way ob…
|
NVD-CWE-noinfo
|
CVE-2018-0849
|
2024-11-21 12:39 |
2018-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249306
|
8.8 |
HIGH
Network
|
microsoft
|
word
office
office_compatibility_pack
|
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way ob…
|
NVD-CWE-noinfo
|
CVE-2018-0848
|
2024-11-21 12:39 |
2018-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249307
|
7.8 |
HIGH
Local
|
microsoft
|
word
office
office_compatibility_pack
|
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way ob…
|
NVD-CWE-noinfo
|
CVE-2018-0845
|
2024-11-21 12:39 |
2018-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249308
|
3.7 |
LOW
Network
|
powerdns
|
recursor
|
Improper input validation bugs in DNSSEC validators components in PowerDNS version 4.1.0 allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay.
|
CWE-20
Improper Input Validation
|
CVE-2018-1000003
|
2024-11-21 12:39 |
2018-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249309
|
3.7 |
LOW
Network
|
nic
|
knot_resolver
|
Improper input validation bugs in DNSSEC validators components in Knot Resolver (prior version 1.5.2) allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet rep…
|
CWE-20
Improper Input Validation
|
CVE-2018-1000002
|
2024-11-21 12:39 |
2018-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249310
|
5.9 |
MEDIUM
Network
|
linux
|
linux_kernel
|
In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition.
|
CWE-362
Race Condition
|
CVE-2018-1000004
|
2024-11-21 12:39 |
2018-01-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
