|
246821
|
4.8 |
MEDIUM
Network
|
catfish-cms
|
catfish_cms
|
Catfish CMS v4.7.9 allows XSS via the admin/Index/write.html editorValue parameter (aka an article posted by an administrator).
|
CWE-79
Cross-site Scripting
|
CVE-2018-13999
|
2024-11-21 12:48 |
2018-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246822
|
4.8 |
MEDIUM
Network
|
clippercms
|
clippercms
|
ClipperCMS 1.3.3 has stored XSS via the Full Name field of (1) Security -> Manager Users or (2) Security -> Web Users.
|
CWE-79
Cross-site Scripting
|
CVE-2018-13998
|
2024-11-21 12:48 |
2018-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246823
|
7.5 |
HIGH
Network
|
codeplea
|
genann
|
Genann through 2018-07-08 has a SEGV in genann_run in genann.c.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-13997
|
2024-11-21 12:48 |
2018-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246824
|
9.8 |
CRITICAL
Network
|
codeplea
|
genann
|
Genann through 2018-07-08 has a stack-based buffer over-read in genann_train in genann.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-13996
|
2024-11-21 12:48 |
2018-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246825
|
8.8 |
HIGH
Network
|
arcelikas
|
grundig_smart_inter\@ctive_firmware
|
Grundig Smart Inter@ctive TV 3.0 devices allow CSRF attacks via a POST request to TCP port 8085 containing a predictable ID value, as demonstrated by a /sendrcpackage?keyid=-2544&keysymbol=-4081 requ…
|
CWE-352
Origin Validation Error
|
CVE-2018-13989
|
2024-11-21 12:48 |
2018-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246826
|
5.4 |
MEDIUM
Network
|
rocket.chat
|
rocket.chat
|
A reflected XSS issue was discovered in the registration form in Rocket.Chat before 0.66. When one creates an account, the next step will ask for a username. This field will not save HTML control cha…
|
CWE-79
Cross-site Scripting
|
CVE-2018-13879
|
2024-11-21 12:48 |
2018-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246827
|
6.1 |
MEDIUM
Network
|
rocket.chat
|
rocket.chat
|
An XSS issue was discovered in packages/rocketchat-mentions/Mentions.js in Rocket.Chat before 0.65. The real name of a username is displayed unescaped when the user is mentioned (using the @ symbol) …
|
CWE-79
Cross-site Scripting
|
CVE-2018-13878
|
2024-11-21 12:48 |
2018-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246828
|
9.8 |
CRITICAL
Network
|
hdfgroup
|
hdf5
|
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c, related to HDread.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-13876
|
2024-11-21 12:48 |
2018-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246829
|
7.8 |
HIGH
Local
|
hdfgroup
|
hdf5
|
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out-of-bounds read in the function H5VM_memcpyvv in H5VM.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-13875
|
2024-11-21 12:48 |
2018-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246830
|
9.8 |
CRITICAL
Network
|
hdfgroup
|
hdf5
|
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c, related to HDmemset.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-13874
|
2024-11-21 12:48 |
2018-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
