|
250321
|
4.7 |
MEDIUM
Network
|
phpipam
|
phpipam
|
phpipam version 1.3.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in The value of the phpipamredirect cookie is copied into an HTML tag on the login page encapsulated in single qu…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000860
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250322
|
8.8 |
HIGH
Network
|
gnupg
canonical
|
gnupg
ubuntu_linux
|
GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery (CSRF) vulnerability in dirmngr that can result in Attacker controlled CSRF, Information Disclosure, DoS. This attack appear to be e…
|
CWE-352
Origin Validation Error
|
CVE-2018-1000858
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250323
|
8.8 |
HIGH
Network
|
open-systems
|
log-user-session
|
log-user-session version 0.7 and earlier contains a Directory Traversal vulnerability in Main SUID-binary /usr/local/bin/log-user-session that can result in User to root privilege escalation. This at…
|
CWE-22
Path Traversal
|
CVE-2018-1000857
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250324
|
4.8 |
MEDIUM
Network
|
domainmod
|
domainmod
|
DomainMOD version 4.09.03 and above. Also verified in the latest version 4.11.01 contains a Cross Site Scripting (XSS) vulnerability in Segment Name field in the segments page that can result in Arbi…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000856
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250325
|
6.1 |
MEDIUM
Network
|
basecamp
|
easymon
|
easymon version 1.4 and earlier contains a Cross Site Scripting (XSS) vulnerability in Endpoint where monitoring is mounted that can result in Reflected XSS that affects Firefox. Can be used to steal…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000855
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250326
|
9.8 |
CRITICAL
Network
|
esigate
|
esigate
|
esigate.org esigate version 5.2 and earlier contains a CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in ESI directive with u…
|
CWE-74
Injection
|
CVE-2018-1000854
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250327
|
6.5 |
MEDIUM
Network
|
freerdp
canonical
fedoraproject
|
freerdp
ubuntu_linux
fedora
|
FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_cap…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-1000852
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250328
|
9.8 |
CRITICAL
Network
|
copay
|
copay_bitcoin_wallet
|
Copay Bitcoin Wallet version 5.01 to 5.1.0 included. contains a Other/Unknown vulnerability in wallet private key storage that can result in Users' private key can be compromised. . This attack appea…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2018-1000851
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250329
|
7.5 |
HIGH
Network
|
squareup
|
retrofit
|
Square Retrofit version versions from (including) 2.0 and 2.5.0 (excluding) contains a Directory Traversal vulnerability in RequestBuilder class, method addPathParameter that can result in By manipul…
|
CWE-22
Path Traversal
|
CVE-2018-1000850
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250330
|
8.8 |
HIGH
Network
|
alpinelinux
|
alpine_linux
|
Alpine Linux version Versions prior to 2.6.10, 2.7.6, and 2.10.1 contains a Other/Unknown vulnerability in apk-tools (Alpine Linux' package manager) that can result in Remote Code Execution. This att…
|
CWE-20
Improper Input Validation
|
CVE-2018-1000849
|
2024-11-21 12:40 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
