|
247361
|
5.5 |
MEDIUM
Local
|
podofo_project
|
podofo
|
Invalid memory read in the PoDoFo::PdfVariant::DelayedLoad() function in PdfVariant.h in PoDoFo 0.9.6-rc1 allows remote attackers to have denial-of-service impact via a crafted file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-12982
|
2024-11-21 12:46 |
2018-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247362
|
6.1 |
MEDIUM
Network
|
opentsdb
|
opentsdb
|
An issue was discovered in OpenTSDB 2.3.0. There is XSS in parameter 'json' to the /q URI.
|
CWE-79
Cross-site Scripting
|
CVE-2018-12973
|
2024-11-21 12:46 |
2018-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247363
|
9.8 |
CRITICAL
Network
|
opentsdb
|
opentsdb
|
An issue was discovered in OpenTSDB 2.3.0. Many parameters to the /q URI can execute commands, including o, key, style, and yrange and y2range and their JSON input.
|
CWE-78
OS Command
|
CVE-2018-12972
|
2024-11-21 12:46 |
2018-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247364
|
6.5 |
MEDIUM
Network
|
easycms
|
easycms
|
EasyCMS 1.3 has CSRF via the index.php?s=/admin/user/delAll URI to delete users.
|
CWE-352
Origin Validation Error
|
CVE-2018-12971
|
2024-11-21 12:46 |
2018-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247365
|
7.5 |
HIGH
Network
|
gnu
|
binutils
|
remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2018-12934
|
2024-11-21 12:46 |
2018-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247366
|
9.8 |
CRITICAL
Network
|
winehq
|
wine
|
PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact because the attacker controls the pCre…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-12933
|
2024-11-21 12:46 |
2018-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247367
|
9.8 |
CRITICAL
Network
|
winehq
|
wine
|
PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by triggering a large pAlphaBle…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-12932
|
2024-11-21 12:46 |
2018-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247368
|
7.8 |
HIGH
Local
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possib…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-12931
|
2024-11-21 12:46 |
2018-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247369
|
7.8 |
HIGH
Local
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or pani…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-12930
|
2024-11-21 12:46 |
2018-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247370
|
5.5 |
MEDIUM
Local
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service (kernel oops or panic) via …
|
CWE-416
Use After Free
|
CVE-2018-12929
|
2024-11-21 12:46 |
2018-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
