|
249311
|
6.5 |
MEDIUM
Network
|
microsoft
|
office
|
Microsoft Office 2016 for Mac allows an attacker to send a specially crafted email attachment to a user in an attempt to launch a social engineering attack, such as phishing, due to how Outlook for M…
|
NVD-CWE-noinfo
|
CVE-2018-0819
|
2024-11-21 12:39 |
2018-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249312
|
7.5 |
HIGH
Network
|
microsoft
|
chakracore
|
Microsoft ChakraCore allows an attacker to bypass Control Flow Guard (CFG) in conjunction with another vulnerability to run arbitrary code on a target system, due to how the Chakra scripting engine h…
|
NVD-CWE-noinfo
|
CVE-2018-0818
|
2024-11-21 12:39 |
2018-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249313
|
7.8 |
HIGH
Local
|
microsoft
|
word
office
office_compatibility_pack
|
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way ob…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-0812
|
2024-11-21 12:39 |
2018-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249314
|
9.8 |
CRITICAL
Network
|
qnap
|
qts
|
This command injection vulnerability in File Station allows attackers to execute commands on the affected device. To fix the vulnerability, QNAP recommend updating QTS to their latest versions.
|
CWE-77
Command Injection
|
CVE-2018-0730
|
2024-11-21 12:38 |
2019-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249315
|
9.8 |
CRITICAL
Network
|
qnap
|
music_station
|
This command injection vulnerability in Music Station allows attackers to execute commands on the affected device. To fix the vulnerability, QNAP recommend updating Music Station to their latest vers…
|
CWE-77
Command Injection
|
CVE-2018-0729
|
2024-11-21 12:38 |
2019-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249316
|
7.5 |
HIGH
Network
|
qnap
|
helpdesk
|
This improper access control vulnerability in Helpdesk allows attackers to access the system logs. To fix the vulnerability, QNAP recommend updating QTS and Helpdesk to their latest versions.
|
CWE-269
Improper Privilege Management
|
CVE-2018-0728
|
2024-11-21 12:38 |
2019-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249317
|
7.5 |
HIGH
Network
|
cisco
|
wireless_lan_controller_software
|
A vulnerability in the session identification management functionality of the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to hi…
|
CWE-287
Improper Authentication
|
CVE-2018-0382
|
2024-11-21 12:38 |
2019-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249318
|
7.5 |
HIGH
Network
|
cisco
|
spa514g_firmware
|
A vulnerability in the implementation of Session Initiation Protocol (SIP) processing in Cisco Small Business SPA514G IP Phones could allow an unauthenticated, remote attacker to cause an affected de…
|
NVD-CWE-noinfo
|
CVE-2018-0389
|
2024-11-21 12:38 |
2019-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249319
|
7.5 |
HIGH
Network
|
osstech
|
openam
|
OpenAM (Open Source Edition) 13.0 and later does not properly manage sessions, which allows remote authenticated attackers to change the security questions and reset the login password via unspecifie…
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2018-0696
|
2024-11-21 12:38 |
2019-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249320
|
7.5 |
HIGH
Network
|
qnap
|
photo_station
|
Path Traversal vulnerability in Photo Station versions: 5.7.2 and earlier in QTS 4.3.4, 5.4.4 and earlier in QTS 4.3.3, 5.2.8 and earlier in QTS 4.2.6 could allow remote attackers to access sensitive…
|
CWE-22
Path Traversal
|
CVE-2018-0722
|
2024-11-21 12:38 |
2019-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
