|
250131
|
9.8 |
CRITICAL
Network
|
zohocorp
|
manageengine_desktop_central
|
An issue was discovered in Zoho ManageEngine Desktop Central before 100251. By leveraging access to a log file, a context-dependent attacker can obtain (depending on the modules configured) the Base6…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2018-11717
|
2024-11-21 12:43 |
2018-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250132
|
8.0 |
HIGH
Adjacent
|
debian
videolan
|
debian_linux
vlc_media_player
|
VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. Failed exploit attempts will likely result i…
|
CWE-416
Use After Free
|
CVE-2018-11529
|
2024-11-21 12:43 |
2018-07-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250133
|
6.1 |
MEDIUM
Network
|
siemens
|
teamcenter_product_lifecycle_management
|
A reflected Cross-Site-Scripting (XSS) vulnerability has been identified in Siemens PLM Software TEAMCENTER (V9.1.2.5). If a user visits the login portal through the URL crafted by the attacker, the …
|
CWE-79
Cross-site Scripting
|
CVE-2018-11450
|
2024-11-21 12:43 |
2018-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250134
|
7.5 |
HIGH
Network
|
ribboncommunications
|
sonus_sbc_1000_firmware
sonus_sbc_2000_firmware
sbc_swe_lite_firmware
|
A Local File Inclusion (LFI) vulnerability in the Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web interface allows for the downloading of arbitrary files via an unspecified vector. It affects the 1000 a…
|
CWE-22
Path Traversal
|
CVE-2018-11543
|
2024-11-21 12:43 |
2018-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250135
|
9.8 |
CRITICAL
Network
|
ribboncommunications
|
sonus_sbc_1000_firmware
sonus_sbc_2000_firmware
sbc_swe_lite_firmware
|
A Remote Command Execution (RCE) vulnerability in the Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web interface allows for the execution of arbitrary commands via an unspecified vector. It affects the 1…
|
NVD-CWE-noinfo
|
CVE-2018-11542
|
2024-11-21 12:43 |
2018-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250136
|
9.8 |
CRITICAL
Network
|
ribboncommunications
|
sonus_sbc_1000_firmware
sonus_sbc_2000_firmware
sbc_swe_lite_web
|
A root privilege escalation vulnerability in the Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web interface allows unauthorised access to privileged content via an unspecified vector. It affects the 1000…
|
CWE-862
Missing Authorization
|
CVE-2018-11541
|
2024-11-21 12:43 |
2018-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250137
|
6.1 |
MEDIUM
Network
|
jirafeau
|
jirafeau
|
script.php in Jirafeau before 3.4.1 is affected by two stored Cross-Site Scripting (XSS) vulnerabilities. These are stored within the shared files description file and allow the execution of a JavaSc…
|
CWE-79
Cross-site Scripting
|
CVE-2018-11351
|
2024-11-21 12:43 |
2018-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250138
|
6.1 |
MEDIUM
Network
|
jirafeau
|
jirafeau
|
An issue was discovered in Jirafeau before 3.4.1. The file "search by name" form is affected by one Cross-Site Scripting vulnerability via the name parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2018-11350
|
2024-11-21 12:43 |
2018-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250139
|
8.8 |
HIGH
Network
|
jirafeau
|
jirafeau
|
The administration panel of Jirafeau before 3.4.1 is vulnerable to three CSRF attacks on search functionalities: search_by_name, search_by_hash, and search_link.
|
CWE-352
Origin Validation Error
|
CVE-2018-11349
|
2024-11-21 12:43 |
2018-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250140
|
7.8 |
HIGH
Local
|
google
|
android
|
Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for M…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-11304
|
2024-11-21 12:43 |
2018-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
