|
248041
|
6.5 |
MEDIUM
Network
|
apache
|
impala
|
Missing authorization check in Apache Impala before 3.0.1 allows a Kerberos-authenticated but unauthorized user to inject random data into a running query, leading to wrong results for a query.
|
CWE-862
Missing Authorization
|
CVE-2018-11785
|
2024-11-21 12:44 |
2018-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248042
|
7.5 |
HIGH
Network
|
apache
|
spark
|
Spark's Apache Maven-based build includes a convenience script, 'build/mvn', that downloads and runs a zinc server to speed up compilation. It has been included in release branches since 1.3.x, up to…
|
NVD-CWE-noinfo
|
CVE-2018-11804
|
2024-11-21 12:44 |
2018-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248043
|
6.1 |
MEDIUM
Network
|
symantec
|
web_isolation
|
Symantec Web Isolation (WI) 1.11 prior to 1.11.21 is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker can target end users protected by WI with social engineerin…
|
CWE-79
Cross-site Scripting
|
CVE-2018-12246
|
2024-11-21 12:44 |
2018-10-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248044
|
5.5 |
MEDIUM
Local
|
intel
|
graphics_driver
|
Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unprivi…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2018-12154
|
2024-11-21 12:44 |
2018-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248045
|
5.5 |
MEDIUM
Local
|
intel
|
quickassist_technology
|
Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access.
|
NVD-CWE-noinfo
|
CVE-2018-12193
|
2024-11-21 12:44 |
2018-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248046
|
7.6 |
HIGH
Physics
|
intel
|
server_board_s2600bp_firmware
server_board_s2600wf_firmware
server_board_s2600st_firmware
server_board_s2600bpr_firmware
server_board_s2600wfr_firmware
server_board_s2600str_firmware
Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an unauthenticated attacker to potentially …
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-12173
|
2024-11-21 12:44 |
2018-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
248047
|
5.5 |
MEDIUM
Local
|
intel
|
s7200ap_firmware
hns7200ap_firmware
s7200apr_firmware
hns7200apr_firmware
|
Improper password hashing in firmware in Intel Server Board (S7200AP,S7200APR) and Intel Compute Module (HNS7200AP, HNS7200AP) may allow a privileged user to potentially disclose firmware passwords v…
|
NVD-CWE-noinfo
|
CVE-2018-12172
|
2024-11-21 12:44 |
2018-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248048
|
6.5 |
MEDIUM
Network
|
intel
|
raid_web_console
|
Insufficient session validation in the webserver component of the Intel Rapid Web Server 3 may allow an unauthenticated user to potentially disclose information via network access.
|
CWE-200
Information Exposure
|
CVE-2018-12161
|
2024-11-21 12:44 |
2018-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248049
|
6.0 |
MEDIUM
Local
|
intel
|
next_unit_of_computing_firmware
|
Insufficient input validation in BIOS update utility in Intel NUC FW kits downloaded before May 24, 2018 may allow a privileged user to potentially trigger a denial of service or information disclosu…
|
CWE-200
Information Exposure
|
CVE-2018-12158
|
2024-11-21 12:44 |
2018-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248050
|
6.5 |
MEDIUM
Local
|
intel
|
graphics_driver
|
Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unprivi…
|
CWE-20
Improper Input Validation
|
CVE-2018-12153
|
2024-11-21 12:44 |
2018-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
