|
249661
|
7.8 |
HIGH
Local
|
buffalo
|
wzr-1750dhp2_firmware
|
Buffer overflow in Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary code via a specially crafted file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-0555
|
2024-11-21 12:38 |
2018-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249662
|
8.8 |
HIGH
Adjacent
|
buffalo
|
wzr-1750dhp2_firmware
|
Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2018-0554
|
2024-11-21 12:38 |
2018-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249663
|
7.4 |
HIGH
Network
|
glamo
|
iremocon_wifi
|
The iRemoconWiFi App for Android version 4.1.7 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive informat…
|
CWE-295
Improper Certificate Validation
|
CVE-2018-0553
|
2024-11-21 12:38 |
2018-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249664
|
9.8 |
CRITICAL
Network
|
lxr_project
|
lxr
|
LXR version 1.0.0 to 2.3.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors.
|
CWE-78
OS Command
|
CVE-2018-0545
|
2024-11-21 12:38 |
2018-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249665
|
7.2 |
HIGH
Network
|
eyrie
debian
|
remctl
debian_linux
|
remctld in remctl before 3.14, when an attacker is authorized to execute a command that uses the sudo option, has a use-after-free that leads to a daemon crash, memory corruption, or arbitrary comman…
|
CWE-416
Use After Free
|
CVE-2018-0493
|
2024-11-21 12:38 |
2018-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249666
|
7.0 |
HIGH
Local
|
beep_project
debian
|
beep
debian_linux
|
Johnathan Nightingale beep through 1.3.4, if setuid, has a race condition that allows local privilege escalation.
|
CWE-362
Race Condition
|
CVE-2018-0492
|
2024-11-21 12:38 |
2018-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249667
|
6.5 |
MEDIUM
Network
|
openssl
debian
canonical
|
openssl
debian_linux
ubuntu_linux
|
Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of …
|
CWE-674
Uncontrolled Recursion
|
CVE-2018-0739
|
2024-11-21 12:38 |
2018-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249668
|
5.9 |
MEDIUM
Network
|
openssl
|
openssl
|
Because of an implementation bug the PA-RISC CRYPTO_memcmp function is effectively reduced to only comparing the least significant bit of each byte. This allows an attacker to forge messages that wou…
|
NVD-CWE-noinfo
|
CVE-2018-0733
|
2024-11-21 12:38 |
2018-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249669
|
7.8 |
HIGH
Local
|
securebrain
|
phishwall_client
|
Untrusted search path vulnerability in The installer of PhishWall Client Firefox and Chrome edition for Windows Ver. 5.1.26 and earlier allows an attacker to gain privileges via a Trojan horse DLL in…
|
CWE-426
Untrusted Search Path
|
CVE-2018-0552
|
2024-11-21 12:38 |
2018-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249670
|
7.5 |
HIGH
Network
|
webproxy_project
|
webproxy
|
Directory traversal vulnerability in WebProxy version 1.7.8 allows an attacker to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2018-0542
|
2024-11-21 12:38 |
2018-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
