|
249341
|
7.5 |
HIGH
Network
|
opensuse
|
leap
|
A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote attackers to cause deletion of directories by tricking obs-service-refresh_patches to delete them. Affect…
|
CWE-93
CRLF Injection
|
CVE-2018-12477
|
2024-11-21 12:45 |
2018-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249342
|
9.8 |
CRITICAL
Network
|
opensuse
|
tar_scm
|
Improper input validation in obs-service-tar_scm of Open Build Service allows remote attackers to cause access and extract information outside the current build or cause the creation of file in attac…
|
CWE-20
Improper Input Validation
|
CVE-2018-12474
|
2024-11-21 12:45 |
2018-10-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249343
|
9.1 |
CRITICAL
Network
|
suse
|
subscription_management_tool
|
A improper authentication using the HOST header in SUSE Linux SMT allows remote attackers to spoof a sibling server. Affected releases are SUSE Linux SMT: versions prior to 3.0.37.
|
CWE-287
Improper Authentication
|
CVE-2018-12472
|
2024-11-21 12:45 |
2018-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249344
|
8.1 |
HIGH
Network
|
suse
|
subscription_management_tool
|
A External Entity Reference ('XXE') vulnerability in SUSE Linux SMT allows remote attackers to read data from the server or cause DoS by referencing blocking elements. Affected releases are SUSE Linu…
|
CWE-611
XXE
|
CVE-2018-12471
|
2024-11-21 12:45 |
2018-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249345
|
9.8 |
CRITICAL
Network
|
suse
|
subscription_management_tool
|
A SQL Injection in the RegistrationSharing module of SUSE Linux SMT allows remote attackers to cause execute arbitrary SQL statements. Affected releases are SUSE Linux SMT: versions prior to 3.0.37.
|
CWE-89
SQL Injection
|
CVE-2018-12470
|
2024-11-21 12:45 |
2018-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249346
|
7.5 |
HIGH
Network
|
opensuse
|
open_build_service
|
A path traversal traversal vulnerability in obs-service-tar_scm of Open Build Service allows remote attackers to cause access files not in the current build. On the server itself this is prevented by…
|
CWE-22
Path Traversal
|
CVE-2018-12473
|
2024-11-21 12:45 |
2018-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249347
|
7.5 |
HIGH
Network
|
adobe
|
acrobat_dc
acrobat_reader_dc
|
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead t…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-12850
|
2024-11-21 12:45 |
2018-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249348
|
7.5 |
HIGH
Network
|
adobe
|
acrobat_dc
acrobat_reader_dc
|
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead t…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-12849
|
2024-11-21 12:45 |
2018-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249349
|
9.8 |
CRITICAL
Network
|
adobe
|
acrobat_dc
acrobat_reader_dc
|
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead …
|
CWE-787
Out-of-bounds Write
|
CVE-2018-12848
|
2024-11-21 12:45 |
2018-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249350
|
7.5 |
HIGH
Network
|
adobe
|
acrobat_dc
acrobat_reader_dc
|
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead t…
|
CWE-125
Out-of-bounds Read
|
CVE-2018-12840
|
2024-11-21 12:45 |
2018-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
