|
247171
|
6.1 |
MEDIUM
Network
|
angular_redactor_project
|
angular_redactor
|
Imperavi Redactor 3 in Angular Redactor 1.1.6, when HTML content mode is used, allows stored XSS, as demonstrated by an onerror attribute of an IMG element, a related issue to CVE-2018-7035.
|
CWE-79
Cross-site Scripting
|
CVE-2018-13339
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247172
|
9.8 |
CRITICAL
Network
|
cyberark
|
endpoint_privilege_manager
|
In CyberArk Endpoint Privilege Manager (formerly Viewfinity), Privilege Escalation is possible if the attacker has one process that executes as Admin.
|
NVD-CWE-noinfo
|
CVE-2018-13052
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247173
|
8.8 |
HIGH
Network
|
damicms
|
damicms
|
DamiCMS v6.0.0 aand 6.1.0 allows CSRF via admin.php?s=/Admin/doadd to add an administrator account.
|
CWE-352
Origin Validation Error
|
CVE-2018-13031
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247174
|
7.5 |
HIGH
Network
|
pfg_project
|
pfg
|
The transfer, transferFrom, and mint functions of a smart contract implementation for PFGc, an Ethereum token, have an integer overflow.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13328
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247175
|
7.5 |
HIGH
Network
|
chucunlingaigo_project
|
chucunlingaigo
|
The transfer and transferFrom functions of a smart contract implementation for ChuCunLingAIGO (CCLAG), an Ethereum token, have an integer overflow. NOTE: this has been disputed by a third party.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13327
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247176
|
7.5 |
HIGH
Network
|
bittelux_project
|
bittelux
|
The transfer and transferFrom functions of a smart contract implementation for Bittelux (BTX), an Ethereum token, have an integer overflow. NOTE: this has been disputed by a third party.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13326
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247177
|
7.5 |
HIGH
Network
|
boodskap
|
growchain
|
The _sell function of a smart contract implementation for GROWCHAIN (GROW), an Ethereum token, has an integer overflow.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13325
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247178
|
9.8 |
CRITICAL
Network
|
godoc
|
go_doc_dot_org
|
In Go Doc Dot Org (gddo) through 2018-06-27, an attacker could use specially crafted <go-import> tags in packages being fetched by gddo to cause a directory traversal and remote code execution.
|
CWE-22
Path Traversal
|
CVE-2018-12976
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247179
|
9.8 |
CRITICAL
Network
|
gnome
canonical
debian
redhat
opensuse
|
libsoup
ubuntu_linux
debian_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
openshift_container_platform
ansible_tower
leap
|
The get_cookies function in soup-cookie-jar.c in libsoup 2.63.2 allows attackers to have unspecified impact via an empty hostname.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-12910
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247180
|
8.1 |
HIGH
Network
|
ffmpeg
|
ffmpeg
|
In FFmpeg 4.0.1, due to a missing check for negative values of the mquant variable, the vc1_put_blocks_clamped function in libavcodec/vc1_block.c may trigger an out-of-array access while converting a…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-13305
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
