|
250151
|
9.8 |
CRITICAL
Network
|
centreon
|
centreon_web
centreon
|
Multiple SQL injection vulnerabilities in Centreon 3.4.6 including Centreon Web 2.8.23 allow attacks via the searchU parameter in viewLogs.php, the id parameter in GetXmlHost.php, the chartId paramet…
|
CWE-89
SQL Injection
|
CVE-2018-11589
|
2024-11-21 12:43 |
2018-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250152
|
5.4 |
MEDIUM
Network
|
centreon
|
centreon_web
centreon
|
Centreon 3.4.6 including Centreon Web 2.8.23 is vulnerable to an authenticated user injecting a payload into the username or command description, resulting in stored XSS. This is related to www/inclu…
|
CWE-79
Cross-site Scripting
|
CVE-2018-11588
|
2024-11-21 12:43 |
2018-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250153
|
9.8 |
CRITICAL
Network
|
centreon
|
centreon_web
centreon
|
There is Remote Code Execution in Centreon 3.4.6 including Centreon Web 2.8.23 via the RPN value in the Virtual Metric form in centreonGraph.class.php.
|
CWE-94
Code Injection
|
CVE-2018-11587
|
2024-11-21 12:43 |
2018-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250154
|
7.5 |
HIGH
Network
|
gold_reward_project
|
gold_reward
|
The buy function of a smart contract implementation for Gold Reward (GRX), an Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the buyer because of overfl…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-11446
|
2024-11-21 12:43 |
2018-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250155
|
9.8 |
CRITICAL
Network
|
insteon
|
2864-222_firmware
|
The webService binary on Insteon HD IP Camera White 2864-222 devices has a stack-based Buffer Overflow leading to Control-Flow Hijacking via a crafted usr key, as demonstrated by a long remoteIp para…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-11560
|
2024-11-21 12:43 |
2018-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250156
|
7.8 |
HIGH
Local
|
faststone
|
image_viewer
|
FastStone Image Viewer 6.2 has a User Mode Read and Execute AV at 0x0057898e, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issu…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11707
|
2024-11-21 12:43 |
2018-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250157
|
7.8 |
HIGH
Local
|
faststone
|
image_viewer
|
FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578dd8, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11706
|
2024-11-21 12:43 |
2018-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250158
|
7.8 |
HIGH
Local
|
faststone
|
image_viewer
|
FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578cc4, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11705
|
2024-11-21 12:43 |
2018-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250159
|
7.8 |
HIGH
Local
|
faststone
|
image_viewer
|
FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d7d, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11704
|
2024-11-21 12:43 |
2018-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250160
|
7.8 |
HIGH
Local
|
faststone
|
image_viewer
|
FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d6a, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe. Attackers could exploit this issue for DoS (…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-11703
|
2024-11-21 12:43 |
2018-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
