|
247021
|
6.1 |
MEDIUM
Network
|
omeka
|
omeka
|
admin/themes/default/items/tag-form.php in Omeka before 2.6.1 allows XSS by adding or editing a tag.
|
CWE-79
Cross-site Scripting
|
CVE-2018-13423
|
2024-11-21 12:47 |
2018-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247022
|
6.1 |
MEDIUM
Network
|
tecnick
|
tcexam
|
TCExam before 14.1.2 has XSS via an ff_ or xl_ field.
|
CWE-79
Cross-site Scripting
|
CVE-2018-13422
|
2024-11-21 12:47 |
2018-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247023
|
9.8 |
CRITICAL
Network
|
fast-cpp-csv-parser_project
|
fast-cpp-csv-parser
|
Fast C++ CSV Parser (aka fast-cpp-csv-parser) before 2018-07-06 has a heap-based buffer over-read in io::trim_chars in csv.h.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-13421
|
2024-11-21 12:47 |
2018-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247024
|
7.5 |
HIGH
Network
|
gperftools_project
|
gperftools
|
Google gperftools 2.7 has a memory leak in malloc_extension.cc, related to MallocExtension::Register and InitModule. NOTE: the software maintainer indicates that this is not a bug; it is only a false…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2018-13420
|
2024-11-21 12:47 |
2018-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247025
|
6.5 |
MEDIUM
Network
|
libsndfile_project
|
libsndfile
|
An issue has been found in libsndfile 1.0.28. There is a memory leak in psf_allocate in common.c, as demonstrated by sndfile-convert. NOTE: The maintainer and third parties were unable to reproduce a…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2018-13419
|
2024-11-21 12:47 |
2018-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247026
|
9.8 |
CRITICAL
Network
|
info-zip_project
|
zip
|
Info-ZIP Zip 3.0, when the -T and -TT command-line options are used, allows attackers to cause a denial of service (invalid free and application crash) or possibly have unspecified other impact becau…
|
CWE-416
Use After Free
|
CVE-2018-13410
|
2024-11-21 12:47 |
2018-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247027
|
6.1 |
MEDIUM
Network
|
jirafeau
|
jirafeau
|
An issue was discovered in Jirafeau before 3.4.1. The "search file by hash" form is affected by reflected XSS that could allow, by targeting an administrator, stealing a session and gaining administr…
|
CWE-79
Cross-site Scripting
|
CVE-2018-13409
|
2024-11-21 12:47 |
2018-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247028
|
6.1 |
MEDIUM
Network
|
jirafeau
|
jirafeau
|
An issue was discovered in Jirafeau before 3.4.1. The "search file by link" form is affected by reflected XSS that could allow, by targeting an administrator, stealing a session and gaining administr…
|
CWE-79
Cross-site Scripting
|
CVE-2018-13408
|
2024-11-21 12:47 |
2018-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247029
|
4.9 |
MEDIUM
Network
|
jirafeau
|
jirafeau
|
A CSRF issue was discovered in Jirafeau before 3.4.1. The "delete file" feature on the admin panel is not protected against automated requests and could be abused.
|
CWE-352
Origin Validation Error
|
CVE-2018-13407
|
2024-11-21 12:47 |
2018-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247030
|
7.8 |
HIGH
Local
|
linux
canonical
debian
|
linux_kernel
ubuntu_linux
debian_linux
|
An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially el…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13406
|
2024-11-21 12:47 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
