|
249461
|
8.8 |
HIGH
Network
|
miniupnp_project
|
ngiflib
|
The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 does not consider the bounds of the pixels data structure, which allows remote attackers to cause a denial of service (WritePixels heap-…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-10717
|
2024-11-21 12:41 |
2018-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249462
|
5.5 |
MEDIUM
Local
|
2345_security_guard_project
|
2345_security_guard
|
An issue was discovered in Shanghai 2345 Security Guard 3.7.0. 2345MPCSafe.exe, 2345SafeTray.exe, and 2345Speedup.exe allow local users to bypass intended process protections, and consequently termin…
|
NVD-CWE-noinfo
|
CVE-2018-10716
|
2024-11-21 12:41 |
2018-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249463
|
8.8 |
HIGH
Network
|
d-link
|
dsl-3782_firmware
|
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'read' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using t…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-10713
|
2024-11-21 12:41 |
2018-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249464
|
5.5 |
MEDIUM
Local
|
blktrace_project
|
blktrace
|
blktrace (aka Block IO Tracing) 1.2.0, as used with the Linux kernel and Android, has a buffer overflow in the dev_map_read function in btt/devmap.c because the device and devno arrays are too small,…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-10689
|
2024-11-21 12:41 |
2018-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249465
|
7.5 |
HIGH
Network
|
auroradao
|
idex_membership
|
The Owned smart contract implementation for Aurora IDEX Membership (IDXM), an Ethereum ERC20 token, allows attackers to acquire contract ownership because the setOwner function is declared as public.…
|
NVD-CWE-noinfo
|
CVE-2018-10666
|
2024-11-21 12:41 |
2018-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249466
|
9.8 |
CRITICAL
Network
|
long_range_zip_project
|
long_range_zip
|
In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decompress_buf function of stream.c, which allows remote attackers to cause a denial of service (application crash) or possi…
|
CWE-416
Use After Free
|
CVE-2018-10685
|
2024-11-21 12:41 |
2018-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249467
|
9.8 |
CRITICAL
Network
|
watchguard
|
ap200_firmware
ap102_firmware
ap100_firmware
ap300_firmware
|
An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15, and AP300 devices with firmware before 2.0.0.10. Incorrect validation of the "old password" field …
|
CWE-20
Improper Input Validation
|
CVE-2018-10578
|
2024-11-21 12:41 |
2018-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249468
|
8.8 |
HIGH
Network
|
watchguard
|
ap200_firmware
ap102_firmware
ap100_firmware
ap300_firmware
|
An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15, and AP300 devices with firmware before 2.0.0.10. File upload functionality allows any users authen…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2018-10577
|
2024-11-21 12:41 |
2018-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249469
|
6.1 |
MEDIUM
Network
|
flexense
|
disksorter
|
XSS exists in Flexense DiskSorter Enterprise from v9.5.12 to v10.7.
|
CWE-79
Cross-site Scripting
|
CVE-2018-10568
|
2024-11-21 12:41 |
2018-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249470
|
6.1 |
MEDIUM
Network
|
flexense
|
vx_search
|
XSS exists in Flexense VX Search Enterprise from v10.1.12 to v10.7.
|
CWE-79
Cross-site Scripting
|
CVE-2018-10567
|
2024-11-21 12:41 |
2018-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
