|
248711
|
6.5 |
MEDIUM
Network
|
libmobi_project
|
libmobi
|
The buffer_fill64 function in compression.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-11434
|
2024-11-21 12:43 |
2018-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248712
|
6.5 |
MEDIUM
Network
|
libmobi_project
|
libmobi
|
The mobi_get_kf8boundary_seqnumber function in util.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-11433
|
2024-11-21 12:43 |
2018-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248713
|
6.5 |
MEDIUM
Network
|
libmobi_project
|
libmobi
|
The mobi_parse_mobiheader function in read.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-11432
|
2024-11-21 12:43 |
2018-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248714
|
5.4 |
MEDIUM
Network
|
domainmod
|
domainmod
|
DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" new_last_name parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2018-11559
|
2024-11-21 12:43 |
2018-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248715
|
5.4 |
MEDIUM
Network
|
domainmod
|
domainmod
|
DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" new_first_name parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2018-11558
|
2024-11-21 12:43 |
2018-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248716
|
6.1 |
MEDIUM
Network
|
yiban
|
easy_class_education_platform
|
YIBAN Easy class education platform 2.0 has XSS via the articlelist.php k parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2018-11557
|
2024-11-21 12:43 |
2018-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248717
|
7.8 |
HIGH
Local
|
littlecms
|
little_cms
|
tificc in Little CMS 2.9 has an out-of-bounds write in the cmsPipelineCheckAndRetreiveStages function in cmslut.c in liblcms2.a via a crafted TIFF file. NOTE: Little CMS developers do consider this a…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-11556
|
2024-11-21 12:43 |
2018-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248718
|
7.8 |
HIGH
Local
|
littlecms
|
little_cms
|
tificc in Little CMS 2.9 has an out-of-bounds write in the PrecalculatedXFORM function in cmsxform.c in liblcms2.a via a crafted TIFF file. NOTE: Little CMS developers do consider this a vulnerabilit…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-11555
|
2024-11-21 12:43 |
2018-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248719
|
5.4 |
MEDIUM
Network
|
wuzhicms
|
wuzhi_cms
|
An issue was discovered in WUZHI CMS 4.1.0 There is a Stored XSS Vulnerability in "Account Settings -> Member Centre -> Chinese information -> Ordinary member" via a QQ number, as demonstrated by a f…
|
CWE-79
Cross-site Scripting
|
CVE-2018-11549
|
2024-11-21 12:43 |
2018-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248720
|
7.5 |
HIGH
Network
|
block
|
eos
|
An issue was discovered in EOS.IO DAWN 4.2. plugins/net_plugin/net_plugin.cpp does not limit the number of P2P connections from the same source IP address.
|
CWE-20
Improper Input Validation
|
CVE-2018-11548
|
2024-11-21 12:43 |
2018-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
