|
246621
|
7.5 |
HIGH
Network
|
kone
|
group_controller_firmware
|
An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Denial of Service can occur through the open HTTP interface, aka KONE-04.
|
CWE-20
Improper Input Validation
|
CVE-2018-15483
|
2024-11-21 12:50 |
2018-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246622
|
9.6 |
CRITICAL
Network
|
dokuwiki
|
dokuwiki
|
CSV Injection (aka Excel Macro Injection or Formula Injection) in /lib/plugins/usermanager/admin.php in DokuWiki 2018-04-22a and earlier allows remote attackers to exfiltrate sensitive data and to ex…
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2018-15474
|
2024-11-21 12:50 |
2018-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246623
|
6.5 |
MEDIUM
Network
|
libesedb_project
|
libesedb
|
The libesedb_key_append_data function in libesedb_key.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file. NOTE: the vendor has di…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-15161
|
2024-11-21 12:50 |
2018-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246624
|
6.5 |
MEDIUM
Network
|
libesedb_project
|
libesedb
|
The libesedb_catalog_definition_read function in libesedb_catalog_definition.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file. …
|
CWE-125
Out-of-bounds Read
|
CVE-2018-15160
|
2024-11-21 12:50 |
2018-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246625
|
6.5 |
MEDIUM
Network
|
libesedb_project
|
libesedb
|
The libesedb_page_read_tags function in libesedb_page.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file. NOTE: the vendor has di…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-15159
|
2024-11-21 12:50 |
2018-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246626
|
6.5 |
MEDIUM
Network
|
libesedb_project
|
libesedb
|
The libesedb_page_read_values function in libesedb_page.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file. NOTE: the vendor has …
|
CWE-125
Out-of-bounds Read
|
CVE-2018-15158
|
2024-11-21 12:50 |
2018-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246627
|
6.5 |
MEDIUM
Network
|
libfsclfs_project
|
libfsclfs
|
The libfsclfs_block_read function in libfsclfs_block.c in libfsclfs before 2018-07-25 allows remote attackers to cause a heap-based buffer over-read via a crafted clfs file. NOTE: the vendor has disp…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-15157
|
2024-11-21 12:50 |
2018-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246628
|
8.8 |
HIGH
Network
|
docker
|
docker
|
HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce-win72 (stable) deserialized requests over the \\.\pipe\dockerBackend named pipe without verifying the…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2018-15514
|
2024-11-21 12:50 |
2018-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246629
|
4.7 |
MEDIUM
Local
|
trendmicro
|
officescan_xg
|
A Named Pipe Request Processing Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro OfficeScan XG (12.0) could allow a local attacker to disclose sensitive information on vulnerabl…
|
CWE-200
Information Exposure
|
CVE-2018-15364
|
2024-11-21 12:50 |
2018-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246630
|
7.8 |
HIGH
Local
|
trendmicro
|
antivirus_\+_security
internet_security
maximum_security
premium_security
|
An Out-of-Bounds Read Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. An attacker …
|
CWE-125
Out-of-bounds Read
|
CVE-2018-15363
|
2024-11-21 12:50 |
2018-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
