|
250361
|
9.8 |
CRITICAL
Network
|
securityonion
|
squert
|
Security Onion Solutions Squert version 1.1.1 through 1.6.7 contains a SQL Injection vulnerability in .inc/callback.php that can result in execution of SQL commands. This attack appear to be exploita…
|
CWE-89
SQL Injection
|
CVE-2018-1000044
|
2024-11-21 12:39 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250362
|
9.8 |
CRITICAL
Network
|
securityonion
|
squert
|
Security Onion Solutions Squert version 1.0.1 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.…
|
CWE-78
OS Command
|
CVE-2018-1000043
|
2024-11-21 12:39 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250363
|
9.8 |
CRITICAL
Network
|
securityonion
|
squert
|
Security Onion Solutions Squert version 1.3.0 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.…
|
CWE-78
OS Command
|
CVE-2018-1000042
|
2024-11-21 12:39 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250364
|
8.8 |
HIGH
Network
|
gnome
debian
|
librsvg
debian_linux
|
GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM …
|
NVD-CWE-noinfo
|
CVE-2018-1000041
|
2024-11-21 12:39 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250365
|
7.8 |
HIGH
Local
|
unzip_project
|
unzip
|
A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve co…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-1000035
|
2024-11-21 12:39 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250366
|
9.1 |
CRITICAL
Network
|
info-zip
|
unzip
|
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-1000034
|
2024-11-21 12:39 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250367
|
9.1 |
CRITICAL
Network
|
info-zip
|
unzip
|
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-1000033
|
2024-11-21 12:39 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250368
|
7.8 |
HIGH
Local
|
info-zip
|
unzip
|
A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-1000032
|
2024-11-21 12:39 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250369
|
7.8 |
HIGH
Local
|
info-zip
|
unzip
|
A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-1000031
|
2024-11-21 12:39 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250370
|
6.1 |
MEDIUM
Network
|
elsa_project
|
elsa
|
mcholste Enterprise Log Search and Archive (ELSA) version revision 1205, commit 2cc17f1 and earlier contains a Cross Site Scripting (XSS) vulnerability in index view (/) that can result in . This att…
|
CWE-79
Cross-site Scripting
|
CVE-2018-1000029
|
2024-11-21 12:39 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
