|
246241
|
7.5 |
HIGH
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.2. A Denial of Service can occur because Markdown rendering times are slow.
|
NVD-CWE-noinfo
|
CVE-2018-14601
|
2024-11-21 12:49 |
2018-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246242
|
7.5 |
HIGH
Network
|
thomsonreuters
|
ultratax_cs
|
Thomson Reuters UltraTax CS 2017 on Windows has a password protection option; however, the level of protection might be inconsistent with some customers' expectations because the data is directly acc…
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2018-14608
|
2024-11-21 12:49 |
2018-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246243
|
7.5 |
HIGH
Network
|
thomsonreuters
|
ultratax_cs_2017
|
Thomson Reuters UltraTax CS 2017 on Windows, in a client/server configuration, transfers customer records and bank account numbers in cleartext over SMBv2, which allows attackers to (1) obtain sensit…
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2018-14607
|
2024-11-21 12:49 |
2018-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246244
|
6.1 |
MEDIUM
Network
|
opmantek
|
open-audit
|
Cross-site scripting (XSS) vulnerability in the Groups Page in Open-Audit Community 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the group name.
|
CWE-79
Cross-site Scripting
|
CVE-2018-14493
|
2024-11-21 12:49 |
2018-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246245
|
6.1 |
MEDIUM
Network
|
mondula
|
multi_step_form
|
The Mondula Multi Step Form plugin through 1.2.5 for WordPress allows XSS via the fw_data [id][1], fw_data [id][2], fw_data [id][3], fw_data [id][4], or email field of the contact form, exploitable w…
|
CWE-79
Cross-site Scripting
|
CVE-2018-14430
|
2024-11-21 12:49 |
2018-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246246
|
7.5 |
HIGH
Network
|
wancms
|
wancms
|
wancms 1.0 through 5.0 allows remote attackers to cause a denial of service (resource consumption) via a checkcode (aka verification code) URI in which the values of font_size, width, and height are …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-14596
|
2024-11-21 12:49 |
2018-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246247
|
7.5 |
HIGH
Network
|
axiosys
|
bento4
|
An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-14590
|
2024-11-21 12:49 |
2018-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246248
|
8.8 |
HIGH
Network
|
axiosys
|
bento4
|
An issue has been discovered in Bento4 1.5.1-624. AP4_Mp4AudioDsiParser::ReadBits in Codecs/Ap4Mp4AudioInfo.cpp has a heap-based buffer over-read.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-14589
|
2024-11-21 12:49 |
2018-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246249
|
7.5 |
HIGH
Network
|
axiosys
|
bento4
|
An issue has been discovered in Bento4 1.5.1-624. A NULL pointer dereference can occur in AP4_DataBuffer::SetData in Core/Ap4DataBuffer.cpp.
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-14588
|
2024-11-21 12:49 |
2018-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246250
|
8.8 |
HIGH
Network
|
axiosys
|
bento4
|
An issue has been discovered in Bento4 1.5.1-624. AP4_MemoryByteStream::WritePartial in Core/Ap4ByteStream.cpp has a buffer over-read.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-14587
|
2024-11-21 12:49 |
2018-07-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
