|
246121
|
8.1 |
HIGH
Network
|
otcms
|
otcms
|
OTCMS 3.61 allows remote attackers to execute arbitrary PHP code via the accBackupDir parameter.
|
CWE-94
CWE-362
Code Injection
Race Condition
|
CVE-2018-17364
|
2024-11-21 12:54 |
2018-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246122
|
6.1 |
MEDIUM
Network
|
weaselcms_project
|
weaselcms
|
Multiple XSS vulnerabilities in WeaselCMS v0.3.6 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php because $_SERVER['PHP_SELF'] is mishandled.
|
CWE-79
Cross-site Scripting
|
CVE-2018-17361
|
2024-11-21 12:54 |
2018-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246123
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to ca…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-17360
|
2024-11-21 12:54 |
2018-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246124
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could lever…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-17359
|
2024-11-21 12:54 |
2018-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246125
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-17358
|
2024-11-21 12:54 |
2018-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246126
|
8.1 |
HIGH
Network
|
bigtreecms
|
bigtree_cms
|
BigTree 4.2.23 on Windows, when Advanced or Simple Rewrite routing is enabled, allows remote attackers to bypass authentication via a ..\ substring, as demonstrated by a launch.php?bigtree_htaccess_u…
|
CWE-287
Improper Authentication
|
CVE-2018-17341
|
2024-11-21 12:54 |
2018-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246127
|
7.8 |
HIGH
Local
|
pdfalto_project
|
pdfalto
|
An issue has been found in pdfalto through 0.2. It is a heap-based buffer overflow in the function TextPage::dump in XmlAltoOutputDev.cc.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-17338
|
2024-11-21 12:54 |
2018-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246128
|
7.8 |
HIGH
Local
|
freedesktop
canonical
|
udisks
ubuntu_linux
|
UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2018-17336
|
2024-11-21 12:54 |
2018-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246129
|
9.8 |
CRITICAL
Network
|
libsvg2_project
|
libsvg2
|
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in the svgGetNextPathField function in svg_string.c allows remote attackers to cause a denial of service (applicat…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-17334
|
2024-11-21 12:54 |
2018-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246130
|
9.8 |
CRITICAL
Network
|
libsvg2_project
|
libsvg2
|
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in svgStringToLength in svg_types.c allows remote attackers to cause a denial of service (application crash) or po…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-17333
|
2024-11-21 12:54 |
2018-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
