|
246801
|
8.8 |
HIGH
Network
|
hdfgroup
|
hdf5
|
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-14033
|
2024-11-21 12:48 |
2018-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246802
|
8.8 |
HIGH
Network
|
hdfgroup
|
hdf5
|
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5T_copy in H5T.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-14031
|
2024-11-21 12:48 |
2018-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246803
|
8.8 |
HIGH
Network
|
creatiwity
|
witycms
|
CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allows an attacker to take over a user account, as demonstrated by modifying the account's email field.
|
CWE-352
Origin Validation Error
|
CVE-2018-14029
|
2024-11-21 12:48 |
2018-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246804
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
The r_bin_java_annotation_new function in shlr/java/class.c in radare2 2.7.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted .cl…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-14017
|
2024-11-21 12:48 |
2018-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246805
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
The r_bin_mdmp_init_directory_entry function in mdmp.c in radare2 2.7.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Mini Cra…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-14016
|
2024-11-21 12:48 |
2018-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246806
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
The sdb_set_internal function in sdb.c in radare2 2.7.0 allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file because of missing input valid…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-14015
|
2024-11-21 12:48 |
2018-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246807
|
8.8 |
HIGH
Network
|
super_cms_project
|
super_cms
|
In waimai Super Cms 20150505, there is a CSRF vulnerability that can add an admin account via admin.php?m=Member&a=adminadd.
|
CWE-352
Origin Validation Error
|
CVE-2018-14014
|
2024-11-21 12:48 |
2018-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246808
|
9.8 |
CRITICAL
Network
|
wolfsight
|
wolfsight_cms
|
WolfSight CMS 3.2 allows SQL injection via the PATH_INFO to the default URI.
|
CWE-89
SQL Injection
|
CVE-2018-14012
|
2024-11-21 12:48 |
2018-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246809
|
6.5 |
MEDIUM
Network
|
gnu
|
mailman
|
An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.
|
CWE-20
Improper Input Validation
|
CVE-2018-13796
|
2024-11-21 12:48 |
2018-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246810
|
9.8 |
CRITICAL
Network
|
codiad
|
codiad
|
Codiad through 2.8.4 allows Remote Code Execution, a different vulnerability than CVE-2017-11366 and CVE-2017-15689.
|
CWE-20
Improper Input Validation
|
CVE-2018-14009
|
2024-11-21 12:48 |
2018-07-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
