|
248641
|
8.1 |
HIGH
Network
|
sass-lang
|
libsass
|
An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::skip_over_scopes which could be leveraged by an attacker to disclo…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-11693
|
2024-11-21 12:43 |
2018-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248642
|
9.8 |
CRITICAL
Network
|
canon
|
lbp3370_firmware
lbp3460_firmware
lbp7750c_firmware
lbp6650_firmware
|
An issue was discovered on Canon LBP6650, LBP3370, LBP3460, and LBP7750C devices. It is possible to bypass the Administrator Mode authentication for /tlogin.cgi via vectors involving frame.cgi?page=D…
|
CWE-287
Improper Authentication
|
CVE-2018-11692
|
2024-11-21 12:43 |
2018-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248643
|
8.8 |
HIGH
Network
|
liblouis
canonical
opensuse
|
liblouis
ubuntu_linux
leap
|
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compileHyphenation in compileTranslationTable.c.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-11685
|
2024-11-21 12:43 |
2018-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248644
|
8.8 |
HIGH
Network
|
liblouis
canonical
opensuse
|
liblouis
ubuntu_linux
leap
|
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-11684
|
2024-11-21 12:43 |
2018-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248645
|
8.8 |
HIGH
Network
|
liblouis
canonical
opensuse
|
liblouis
ubuntu_linux
leap
|
Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-11683
|
2024-11-21 12:43 |
2018-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248646
|
6.5 |
MEDIUM
Network
|
cmseasy
|
cmseasy
|
An issue was discovered in CmsEasy 6.1_20180508. There is a CSRF vulnerability in the rich text editor that can add an IFRAME element. This might be used in a DoS attack if a referenced remote URL is…
|
CWE-352
Origin Validation Error
|
CVE-2018-11680
|
2024-11-21 12:43 |
2018-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248647
|
8.8 |
HIGH
Network
|
cmseasy
|
cmseasy
|
An issue was discovered in CmsEasy 6.1_20180508. There is a CSRF vulnerability that can add an article via /index.php?case=table&act=add&table=archive&admin_dir=admin.
|
CWE-352
Origin Validation Error
|
CVE-2018-11679
|
2024-11-21 12:43 |
2018-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248648
|
9.8 |
CRITICAL
Network
|
lutron
|
stanza_firmware
radiora_2_firmware
homeworks_qs_firmware
|
Default and unremovable support credentials allow attackers to gain total super user control of an IoT device through a TELNET session to products using the Stanza Lutron integration protocol Revisio…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2018-11682
|
2024-11-21 12:43 |
2018-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248649
|
9.8 |
CRITICAL
Network
|
lutron
|
stanza_firmware
radiora_2_firmware
homeworks_qs_firmware
|
Default and unremovable support credentials (user:nwk password:nwk2) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the RadioRA 2 Lutron …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2018-11681
|
2024-11-21 12:43 |
2018-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248650
|
9.8 |
CRITICAL
Network
|
lutron
|
stanza_firmware
radiora_2_firmware
homeworks_qs_firmware
|
Default and unremovable support credentials (user:lutron password:integration) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the HomeWor…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2018-11629
|
2024-11-21 12:43 |
2018-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
