|
249311
|
7.5 |
HIGH
Network
|
gve
|
globalvillage_ecosystem
|
The approveAndCallcode function of a smart contract implementation for Globalvillage ecosystem (GVE), an Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer the contract's balances…
|
CWE-20
Improper Input Validation
|
CVE-2018-12702
|
2024-11-21 12:45 |
2018-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249312
|
4.3 |
MEDIUM
Adjacent
|
google
|
chromecast_firmware
home_firmware
|
The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scan_results JSON data, which allows remote attackers to determine t…
|
CWE-200
Information Exposure
|
CVE-2018-12716
|
2024-11-21 12:45 |
2018-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249313
|
9.8 |
CRITICAL
Network
|
linux
|
linux_kernel
|
An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace/trace_events_filter.c could be called with no filter, which is an N=0 case when it expected at least one…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-12714
|
2024-11-21 12:45 |
2018-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249314
|
9.8 |
CRITICAL
Network
|
digisol
|
dg-br4000ng_firmware
|
DIGISOL DG-BR4000NG devices have a Buffer Overflow via a long Authorization HTTP header.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-12706
|
2024-11-21 12:45 |
2018-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249315
|
6.1 |
MEDIUM
Network
|
digisol
|
dg-br4000ng_firmware
|
DIGISOL DG-BR4000NG devices have XSS via the SSID (it is validated only on the client side).
|
CWE-79
Cross-site Scripting
|
CVE-2018-12705
|
2024-11-21 12:45 |
2018-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249316
|
9.1 |
CRITICAL
Network
|
gimp
|
gimp
|
GIMP through 2.10.2 makes g_get_tmp_dir calls to establish temporary filenames, which may result in a filename that already exists, as demonstrated by the gimp_write_and_read_file function in app/tes…
|
NVD-CWE-noinfo
|
CVE-2018-12713
|
2024-11-21 12:45 |
2018-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249317
|
9.8 |
CRITICAL
Network
|
gnu
canonical
|
binutils
ubuntu_linux
|
finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds w…
|
CWE-787
Out-of-bounds Write
|
CVE-2018-12699
|
2024-11-21 12:45 |
2018-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249318
|
7.5 |
HIGH
Network
|
gnu
canonical
|
binutils
ubuntu_linux
|
demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the t…
|
NVD-CWE-noinfo
|
CVE-2018-12698
|
2024-11-21 12:45 |
2018-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249319
|
7.5 |
HIGH
Network
|
gnu
canonical
|
binutils
ubuntu_linux
|
A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur …
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-12697
|
2024-11-21 12:45 |
2018-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249320
|
9.8 |
CRITICAL
Network
|
insteon
|
2864-222_firmware
|
The webService binary on Insteon HD IP Camera White 2864-222 devices has a Buffer Overflow via a crafted pid, pwd, or usr key in a GET request on port 34100.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-12640
|
2024-11-21 12:45 |
2018-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
