|
248581
|
6.6 |
MEDIUM
Physics
|
simplisafe
|
u9k-kp1000_firmware
|
SimpliSafe Original has Unencrypted Keypad Transmissions, which allows physically proximate attackers to discover the PIN.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2018-11402
|
2024-11-21 12:43 |
2018-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248582
|
4.6 |
MEDIUM
Physics
|
simplisafe
|
u9k-bs1000_firmware
|
In SimpliSafe Original, RF Interference (e.g., an extremely strong 433.92 MHz signal) by a physically proximate attacker does not cause a notification.
|
NVD-CWE-noinfo
|
CVE-2018-11401
|
2024-11-21 12:43 |
2018-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248583
|
4.6 |
MEDIUM
Physics
|
simplisafe
|
u9k-bs1000_firmware
|
In SimpliSafe Original, the Base Station fails to detect tamper attempts: it does not send a notification if a physically proximate attacker removes the battery and external power.
|
NVD-CWE-noinfo
|
CVE-2018-11400
|
2024-11-21 12:43 |
2018-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248584
|
4.3 |
MEDIUM
Physics
|
simplisafe
|
u9k-es1000_firmware
u9k-kr1_firmware
u9k-ms1000_firmware
u9k-wt1000_firmware
|
SimpliSafe Original has Unencrypted Sensor Transmissions, which allows physically proximate attackers to obtain potentially sensitive information about the specific times when alarm-system events occ…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2018-11399
|
2024-11-21 12:43 |
2018-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248585
|
7.5 |
HIGH
Network
|
gnome
|
epiphany
|
ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that triggers access to a NU…
|
NVD-CWE-noinfo
|
CVE-2018-11396
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248586
|
7.8 |
HIGH
Local
|
windscribe
|
windscribe
|
Windscribe 1.81 creates a named pipe with a NULL DACL that allows Everyone users to gain privileges or cause a denial of service via \\.\pipe\WindscribeService.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-11334
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248587
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in epan/dissectors/packet-ldss.c by avoiding a buffer over-read upon encountering a missing…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-11362
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248588
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/dot11decrypt.c by avoiding a buffer overflow during FTE processing in Dot11DecryptTDLSDeriveKey.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11361
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248589
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. This was addressed in epan/dissectors/packet-gsm_a_dtap.c by fixing an off-by-one error that caused a bu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11360
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248590
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. This was addressed in epan/proto.c by avoiding a NULL pointer dereference.
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-11359
|
2024-11-21 12:43 |
2018-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
