|
249471
|
8.8 |
HIGH
Network
|
asus
|
wl-330nul_firmware
|
Cross-site request forgery (CSRF) vulnerability in WL-330NUL Firmware version prior to 3.0.0.46 allows remote attackers to hijack the authentication of administrators via unspecified vectors.
|
CWE-352
Origin Validation Error
|
CVE-2018-0647
|
2024-11-21 12:38 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249472
|
9.8 |
CRITICAL
Network
|
bit-part
|
mtappjquery
|
MTAppjQuery 1.8.1 and earlier allows remote PHP code execution via unspecified vectors.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2018-0645
|
2024-11-21 12:38 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249473
|
6.5 |
MEDIUM
Network
|
canonical
|
ubuntu_linux
|
Buffer overflow in Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 4.8.0 (panda-client2) 1:1.4.9+p41-u4jma1 and earlier, Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 5.0.0 (panda-client2…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-0644
|
2024-11-21 12:38 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249474
|
6.6 |
MEDIUM
Adjacent
|
canonical
orcamo
|
ubuntu_linux
online_receipt_computer_advantage
|
Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 4.8.0 (panda-server) 1:1.4.9+p41-u4jma1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via unspecified vec…
|
CWE-78
OS Command
|
CVE-2018-0643
|
2024-11-21 12:38 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249475
|
6.1 |
MEDIUM
Network
|
foliovision
|
fv_flowplayer_video_player
|
Cross-site scripting vulnerability in FV Flowplayer Video Player 6.1.2 to 6.6.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2018-0642
|
2024-11-21 12:38 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249476
|
7.8 |
HIGH
Local
|
yayoi-kk
|
kaikei
aoiro_shinkoku
kyuuyo
kyuuyo_keisan
hanbai
kokyaku_kanri
|
Untrusted search path vulnerability in Multiple Yayoi 17 Series products (Yayoi Kaikei 17 Series Ver.23.1.1 and earlier, Yayoi Aoiro Shinkoku 17 Ver.23.1.1 and earlier, Yayoi Kyuuyo 17 Ver.20.1.4 and…
|
CWE-426
Untrusted Search Path
|
CVE-2018-0624
|
2024-11-21 12:38 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249477
|
7.8 |
HIGH
Local
|
yayoi-kk
|
kaikei
aoiro_shinkoku
kyuuyo
kyuuyo_keisan
hanbai
kokyaku_kanri
|
Untrusted search path vulnerability in Multiple Yayoi 17 Series products (Yayoi Kaikei 17 Series Ver.23.1.1 and earlier, Yayoi Aoiro Shinkoku 17 Ver.23.1.1 and earlier, Yayoi Kyuuyo 17 Ver.20.1.4 and…
|
CWE-426
Untrusted Search Path
|
CVE-2018-0623
|
2024-11-21 12:38 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249478
|
9.8 |
CRITICAL
Network
|
canonical
zsh
|
ubuntu_linux
zsh
|
An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line.
|
CWE-20
Improper Input Validation
|
CVE-2018-0502
|
2024-11-21 12:38 |
2018-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249479
|
7.8 |
HIGH
Local
|
hibara
|
attachecase
|
AttacheCase ver.3.3.0.0 and earlier allows an arbitrary script execution via unspecified vectors.
|
CWE-94
Code Injection
|
CVE-2018-0675
|
2024-11-21 12:38 |
2018-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249480
|
7.8 |
HIGH
Local
|
hibara
|
attachecase
|
AttacheCase ver.2.8.4.0 and earlier allows an arbitrary script execution via unspecified vectors.
|
CWE-94
Code Injection
|
CVE-2018-0674
|
2024-11-21 12:38 |
2018-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
