|
247041
|
5.5 |
MEDIUM
Local
|
adobe
|
acrobat_dc
acrobat_reader_dc
|
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead t…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-15922
|
2024-11-21 12:51 |
2018-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247042
|
7.8 |
HIGH
Local
|
adobe
|
acrobat_dc
acrobat_reader_dc
|
Adobe Acrobat and Reader versions 2018.011.20063 and earlier, 2017.011.30102 and earlier, and 2015.006.30452 and earlier have an use after free vulnerability. Successful exploitation could lead to ar…
|
CWE-416
Use After Free
|
CVE-2018-15920
|
2024-11-21 12:51 |
2018-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247043
|
7.5 |
HIGH
Network
|
dell
|
encryption
endpoint_security_suite_enterprise
|
On install, Dell Encryption versions prior 10.0.1 and Dell Endpoint Security Suite Enterprise versions prior 2.0.1 will overwrite and manually set the "Minimum Password Length" group policy object to…
|
CWE-521
Weak Password Requirements
|
CVE-2018-15766
|
2024-11-21 12:51 |
2018-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247044
|
6.8 |
MEDIUM
Physics
|
telegram
|
telegram
|
An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The FingerprintManager class for Biometric validation allows authentication bypass through the callback method fr…
|
CWE-287
Improper Authentication
|
CVE-2018-15543
|
2024-11-21 12:51 |
2018-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247045
|
6.4 |
MEDIUM
Physics
|
telegram
|
telegram
|
An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return …
|
CWE-287
Improper Authentication
|
CVE-2018-15542
|
2024-11-21 12:51 |
2018-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247046
|
5.4 |
MEDIUM
Network
|
claromentis
|
claromentis
|
The Discuss v1.2.1 module in Claromentis 8.2.2 is vulnerable to stored Cross Site Scripting (XSS). An authenticated attacker will be able to place malicious JavaScript in the discussion forum, which …
|
CWE-79
Cross-site Scripting
|
CVE-2018-15903
|
2024-11-21 12:51 |
2018-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247047
|
8.8 |
HIGH
Network
|
pivotal_software
|
pivotal_container_service
|
Pivotal Container Service, versions prior to 1.2.0, contains an information disclosure vulnerability which exposes IaaS credentials to application logs. A malicious user with access to application lo…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2018-15763
|
2024-11-21 12:51 |
2018-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247048
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before 11.1.5, and 11.2.x before 11.2.2. There is Missing Authorization Control for API Repository Storage.
|
CWE-862
Missing Authorization
|
CVE-2018-16048
|
2024-11-21 12:51 |
2018-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247049
|
7.5 |
HIGH
Network
|
mensamax
|
mensamax
|
An issue was discovered in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android. The use of a Hard-coded DES Cryptographic Key allows an attacker who decodes the application to decry…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2018-15753
|
2024-11-21 12:51 |
2018-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247050
|
8.1 |
HIGH
Network
|
mensamax
|
mensamax
|
An issue was discovered in the MensaMax (aka com.breustedt.mensamax) application 4.3 for Android. Cleartext Transmission of Sensitive Information allows man-in-the-middle attackers to eavesdrop authe…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2018-15752
|
2024-11-21 12:51 |
2018-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
