|
247251
|
9.8 |
CRITICAL
Network
|
citrix
|
xenserver
|
Citrix XenServer 7.1 and newer allows Directory Traversal.
|
CWE-22
Path Traversal
|
CVE-2018-14007
|
2024-11-21 12:48 |
2018-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247252
|
8.1 |
HIGH
Network
|
libcgroup_project
debian
fedoraproject
|
libcgroup
debian_linux
fedora
|
libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information.
|
CWE-200
Information Exposure
|
CVE-2018-14348
|
2024-11-21 12:48 |
2018-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247253
|
7.2 |
HIGH
Network
|
wordpress
|
wordpress
|
In WordPress 4.9.7, plugins uploaded via the admin area are not verified as being ZIP files. This allows for PHP files to be uploaded. Once a PHP file is uploaded, the plugin extraction fails, but th…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2018-14028
|
2024-11-21 12:48 |
2018-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247254
|
7.5 |
HIGH
Network
|
megacryptopolis
|
megacryptopolis
|
The doPayouts() function of the smart contract implementation for MegaCryptoPolis, an Ethereum game, has a Denial of Service vulnerability. If a smart contract that has a fallback function always cau…
|
CWE-20
Improper Input Validation
|
CVE-2018-13877
|
2024-11-21 12:48 |
2018-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247255
|
6.5 |
MEDIUM
Network
|
foxitsoftware
|
foxit_reader
phantompdf
|
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that…
|
CWE-200
CWE-125
Information Exposure
Out-of-bounds Read
|
CVE-2018-14316
|
2024-11-21 12:48 |
2018-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247256
|
8.8 |
HIGH
Network
|
foxitsoftware
|
foxit_reader
phantompdf
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the tar…
|
CWE-416
Use After Free
|
CVE-2018-14315
|
2024-11-21 12:48 |
2018-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247257
|
8.8 |
HIGH
Network
|
foxitsoftware
|
foxit_reader
phantompdf
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the tar…
|
CWE-416
Use After Free
|
CVE-2018-14314
|
2024-11-21 12:48 |
2018-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247258
|
8.8 |
HIGH
Network
|
foxitsoftware
|
foxit_reader
phantompdf
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the tar…
|
CWE-704
Incorrect Type Conversion or Cast
|
CVE-2018-14313
|
2024-11-21 12:48 |
2018-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247259
|
8.8 |
HIGH
Network
|
foxitsoftware
|
foxit_reader
phantompdf
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the tar…
|
CWE-416
Use After Free
|
CVE-2018-14312
|
2024-11-21 12:48 |
2018-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247260
|
8.8 |
HIGH
Network
|
foxitsoftware
|
foxit_reader
phantompdf
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must vi…
|
CWE-704
Incorrect Type Conversion or Cast
|
CVE-2018-14311
|
2024-11-21 12:48 |
2018-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
