|
246371
|
5.3 |
MEDIUM
Network
|
gleeztech
|
gleez_cms
|
A vulnerability in the Gleez CMS 1.2.0 login page could allow an unauthenticated, remote attacker to perform multiple user enumerations, which can further help an attacker to perform login attempts i…
|
CWE-307
CWE-521
CWE-732
mproper Restriction of Excessive Authentication Attempts
Weak Password Requirements
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-16703
|
2024-11-21 12:53 |
2018-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246372
|
7.0 |
HIGH
Local
|
contiki-ng
|
contiki-ng.
|
An issue was discovered in Contiki-NG through 4.1. There is a buffer over-read in lookup in os/storage/antelope/lvm.c while parsing AQL (lvm_register_variable, lvm_set_variable_value, create_intersec…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-16667
|
2024-11-21 12:53 |
2018-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246373
|
7.8 |
HIGH
Local
|
contiki-ng
|
contiki-ng.
|
An issue was discovered in Contiki-NG through 4.1. There is a stack-based buffer overflow in next_string in os/storage/antelope/aql-lexer.c while parsing AQL (parsing next string).
|
CWE-787
Out-of-bounds Write
|
CVE-2018-16666
|
2024-11-21 12:53 |
2018-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246374
|
6.1 |
MEDIUM
Local
|
contiki-ng
|
contiki-ng.
|
An issue was discovered in Contiki-NG through 4.1. There is a buffer overflow while parsing AQL in lvm_shift_for_operator in os/storage/antelope/lvm.c.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-16665
|
2024-11-21 12:53 |
2018-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246375
|
7.0 |
HIGH
Local
|
contiki-ng
|
contiki-ng.
|
An issue was discovered in Contiki-NG through 4.1. There is a buffer overflow in lvm_set_type in os/storage/antelope/lvm.c while parsing AQL (lvm_set_op, lvm_set_relation, lvm_set_operand).
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-16664
|
2024-11-21 12:53 |
2018-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246376
|
7.8 |
HIGH
Local
|
contiki-ng
|
contiki-ng.
|
An issue was discovered in Contiki-NG through 4.1. There is a stack-based buffer overflow in parse_relations in os/storage/antelope/aql-parser.c while parsing AQL (storage of relations).
|
CWE-787
Out-of-bounds Write
|
CVE-2018-16663
|
2024-11-21 12:53 |
2018-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246377
|
6.1 |
MEDIUM
Local
|
linux
canonical
debian
|
linux_kernel
ubuntu_linux
debian_linux
|
An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a ca…
|
CWE-200
Information Exposure
|
CVE-2018-16658
|
2024-11-21 12:53 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246378
|
9.8 |
CRITICAL
Network
|
debian
kamailio
|
debian_linux
kamailio
|
In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with an invalid Via header causes a segmentation fault and crashes Kamailio. The reason is missing input validation in the crcit…
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-16657
|
2024-11-21 12:53 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246379
|
6.1 |
MEDIUM
Network
|
gxlcms
|
gxlcms
|
Gxlcms 1.0 has XSS via the PATH_INFO to gx/lib/ThinkPHP/Tpl/ThinkException.tpl.php.
|
CWE-79
Cross-site Scripting
|
CVE-2018-16655
|
2024-11-21 12:53 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246380
|
6.1 |
MEDIUM
Network
|
zurmo
|
zurmo_crm
|
Zurmo 3.2.4 Stable allows XSS via app/index.php/accounts/default/details?id=2&kanbanBoard=1&openToTaskId=1.
|
CWE-79
Cross-site Scripting
|
CVE-2018-16654
|
2024-11-21 12:53 |
2018-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
