|
251021
|
8.8 |
HIGH
Network
|
pivotal_software
|
pivotal_application_service
|
Pivotal Usage Service in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. A space dev…
|
NVD-CWE-noinfo
|
CVE-2018-11086
|
2024-11-21 12:42 |
2018-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251022
|
7.8 |
HIGH
Local
|
synametrics
|
synaman
|
Synametrics SynaMan 4.0 build 1488 uses cleartext password storage for SMTP credentials.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2018-10814
|
2024-11-21 12:42 |
2018-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251023
|
4.8 |
MEDIUM
Network
|
synametrics
|
synaman
|
Multiple cross-site scripting (XSS) vulnerabilities in Synametrics SynaMan 4.0 build 1488 via the (1) Main heading or (2) Sub heading fields in the Partial Branding configuration page.
|
CWE-79
Cross-site Scripting
|
CVE-2018-10763
|
2024-11-21 12:42 |
2018-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251024
|
5.9 |
MEDIUM
Network
|
pivotal_software
|
spring_advanced_message_queuing_protocol
rabbitmq
|
Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. A malicious user that has the ability t…
|
CWE-295
Improper Certificate Validation
|
CVE-2018-11087
|
2024-11-21 12:42 |
2018-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251025
|
9.8 |
CRITICAL
Network
|
dell
oracle
|
bsafe
bsafe_crypto-c
jd_edwards_enterpriseone_tools
security_service
enterprise_manager_ops_center
application_testing_suite
retail_predictive_application_server
communications_i…
|
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, version prior to 4.0.5.3 (in 4.0.x) contain a Buffer Over-Read …
|
CWE-125
Out-of-bounds Read
|
CVE-2018-11058
|
2024-11-21 12:42 |
2018-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251026
|
7.5 |
HIGH
Network
|
dell
|
emc_vplex_geosynchrony
|
Dell EMC VPlex GeoSynchrony, versions prior to 6.1, contains an Insecure File Permissions vulnerability. A remote authenticated malicious user could read from VPN configuration files on and potential…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-11078
|
2024-11-21 12:42 |
2018-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251027
|
5.9 |
MEDIUM
Network
|
dell
|
bsafe_crypto-j
rsa_bsafe_ssl-j
|
RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during PKCS #1 unpadding operations, also known as a Bleichenbache…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2018-11070
|
2024-11-21 12:42 |
2018-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251028
|
5.9 |
MEDIUM
Network
|
dell
|
bsafe_ssl-j
|
RSA BSAFE SSL-J versions prior to 6.2.4 contain a Covert Timing Channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption. A remote attacker may be able to …
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2018-11069
|
2024-11-21 12:42 |
2018-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251029
|
4.6 |
MEDIUM
Physics
|
dell
|
bsafe_ssl-j
|
RSA BSAFE SSL-J versions prior to 6.2.4 contain a Heap Inspection vulnerability that could allow an attacker with physical access to the system to recover sensitive key material.
|
CWE-459
Incomplete Cleanup
|
CVE-2018-11068
|
2024-11-21 12:42 |
2018-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251030
|
5.4 |
MEDIUM
Network
|
redhat
|
openshift_container_platform
|
A cross site scripting flaw exists in the tetonic-console component of Openshift Container Platform 3.11. An attacker with the ability to create pods can use this flaw to perform actions on the K8s A…
|
CWE-79
Cross-site Scripting
|
CVE-2018-10937
|
2024-11-21 12:42 |
2018-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
