|
246201
|
7.5 |
HIGH
Network
|
seacms
|
seacms
|
SeaCMS 6.64 and 7.2 allows remote attackers to delete arbitrary files via the filedir parameter.
|
CWE-22
Path Traversal
|
CVE-2018-17365
|
2024-11-21 12:54 |
2018-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246202
|
8.1 |
HIGH
Network
|
postman
|
postman
|
An information-disclosure issue was discovered in Postman through 6.3.0. It validates a server's X.509 certificate and presents an error if the certificate is not valid. Unfortunately, the associated…
|
CWE-295
Improper Certificate Validation
|
CVE-2018-17215
|
2024-11-21 12:54 |
2018-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246203
|
5.4 |
MEDIUM
Network
|
modx
|
modx_revolution
|
MODX Revolution v2.6.5-pl allows stored XSS via a Create New Media Source action.
|
CWE-79
Cross-site Scripting
|
CVE-2018-17556
|
2024-11-21 12:54 |
2018-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246204
|
7.5 |
HIGH
Network
|
commscope
|
arris_tg2492lg-na_firmware
|
The web component on ARRIS TG2492LG-NA 061213 devices allows remote attackers to obtain sensitive information via the /snmpGet oids parameter.
|
CWE-200
Information Exposure
|
CVE-2018-17555
|
2024-11-21 12:54 |
2018-09-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246205
|
9.8 |
CRITICAL
Network
|
axon
|
evidence_sync
|
Axon (formerly TASER International) Evidence Sync 3.15.89 is vulnerable to process injection. NOTE: the vendor's position is that this CVE is not associated with information that supports any finding…
|
NVD-CWE-noinfo
|
CVE-2018-17538
|
2024-11-21 12:54 |
2018-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246206
|
7.5 |
HIGH
Network
|
digium
debian
|
asterisk
certified_asterisk
debian_linux
|
There is a stack consumption vulnerability in the res_http_websocket.so module of Asterisk through 13.23.0, 14.7.x through 14.7.7, and 15.x through 15.6.0 and Certified Asterisk through 13.21-cert2. …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-17281
|
2024-11-21 12:54 |
2018-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246207
|
6.5 |
MEDIUM
Network
|
hdfgroup
|
hdf5
|
An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5S_extent_get_dims() in H5S.c. Specifically, this issue occurs while converting an HDF5…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-17439
|
2024-11-21 12:54 |
2018-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246208
|
6.5 |
MEDIUM
Network
|
hdfgroup
|
hdf5
|
A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection again…
|
CWE-369
Divide By Zero
|
CVE-2018-17438
|
2024-11-21 12:54 |
2018-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246209
|
6.5 |
MEDIUM
Network
|
hdfgroup
|
hdf5
|
Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2018-17437
|
2024-11-21 12:54 |
2018-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246210
|
6.5 |
MEDIUM
Network
|
hdfgroup
|
hdf5
|
ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This issue was triggered while converti…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-17436
|
2024-11-21 12:54 |
2018-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
