|
249151
|
8.1 |
HIGH
Network
|
hdfgroup
|
hdf5
|
An out of bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure at…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-11206
|
2024-11-21 12:42 |
2018-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249152
|
8.1 |
HIGH
Network
|
hdfgroup
|
hdf5
|
A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-11205
|
2024-11-21 12:42 |
2018-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249153
|
6.5 |
MEDIUM
Network
|
hdfgroup
|
hdf5
|
A NULL pointer dereference was discovered in H5O__chunk_deserialize in H5Ocache.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-11204
|
2024-11-21 12:42 |
2018-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249154
|
6.5 |
MEDIUM
Network
|
hdfgroup
|
hdf5
|
A division by zero was discovered in H5D__btree_decode_key in H5Dbtree.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
|
CWE-369
Divide By Zero
|
CVE-2018-11203
|
2024-11-21 12:42 |
2018-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249155
|
6.5 |
MEDIUM
Network
|
hdfgroup
|
hdf5
|
A NULL pointer dereference was discovered in H5S_hyper_make_spans in H5Shyper.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-11202
|
2024-11-21 12:42 |
2018-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249156
|
6.1 |
MEDIUM
Network
|
livezilla
|
livezilla
|
chat/mobile/index.php in LiveZilla Live Chat 7.0.9.5 and prior is affected by Cross-Site Scripting via the Accept-Language HTTP header.
|
CWE-79
Cross-site Scripting
|
CVE-2018-10810
|
2024-11-21 12:42 |
2018-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249157
|
9.8 |
CRITICAL
Network
|
intelbras
|
ncloud_300_firmware
|
An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For examp…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2018-11094
|
2024-11-21 12:42 |
2018-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249158
|
6.5 |
MEDIUM
Network
|
e107
|
e107
|
e107 2.1.7 has CSRF resulting in arbitrary user deletion.
|
CWE-352
Origin Validation Error
|
CVE-2018-11127
|
2024-11-21 12:42 |
2018-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249159
|
8.8 |
HIGH
Network
|
doorgets
|
doorgets
|
dg-user/?controller=users&action=add in doorGets 7.0 has CSRF that results in adding an administrator account.
|
CWE-352
Origin Validation Error
|
CVE-2018-11126
|
2024-11-21 12:42 |
2018-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249160
|
6.1 |
MEDIUM
Network
|
3cx
|
live_chat
|
There is stored cross site scripting in the wp-live-chat-support plugin before 8.0.08 for WordPress via the "name" (aka wplc_name) and "email" (aka wplc_email) input fields to wp-json/wp_live_chat_su…
|
CWE-79
Cross-site Scripting
|
CVE-2018-11105
|
2024-11-21 12:42 |
2018-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
