|
248341
|
7.5 |
HIGH
Network
|
mercurial
|
mercurial
|
The mpatch_decode function in mpatch.c in Mercurial before 4.6.1 mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actu…
|
CWE-20
Improper Input Validation
|
CVE-2018-13348
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248342
|
9.8 |
CRITICAL
Network
|
mercurial
|
mercurial
|
mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13347
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248343
|
7.5 |
HIGH
Network
|
mercurial
|
mercurial
|
The mpatch_apply function in mpatch.c in Mercurial before 4.6.1 incorrectly proceeds in cases where the fragment start is past the end of the original data, aka OVE-20180430-0004.
|
CWE-20
Improper Input Validation
|
CVE-2018-13346
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248344
|
8.8 |
HIGH
Network
|
gleeztech
|
gleez_cms
|
Gleez CMS 1.2.0 has CSRF, as demonstrated by a /page/add request.
|
CWE-352
Origin Validation Error
|
CVE-2018-13340
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248345
|
6.1 |
MEDIUM
Network
|
angular_redactor_project
|
angular_redactor
|
Imperavi Redactor 3 in Angular Redactor 1.1.6, when HTML content mode is used, allows stored XSS, as demonstrated by an onerror attribute of an IMG element, a related issue to CVE-2018-7035.
|
CWE-79
Cross-site Scripting
|
CVE-2018-13339
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248346
|
9.8 |
CRITICAL
Network
|
cyberark
|
endpoint_privilege_manager
|
In CyberArk Endpoint Privilege Manager (formerly Viewfinity), Privilege Escalation is possible if the attacker has one process that executes as Admin.
|
NVD-CWE-noinfo
|
CVE-2018-13052
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248347
|
8.8 |
HIGH
Network
|
damicms
|
damicms
|
DamiCMS v6.0.0 aand 6.1.0 allows CSRF via admin.php?s=/Admin/doadd to add an administrator account.
|
CWE-352
Origin Validation Error
|
CVE-2018-13031
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248348
|
7.5 |
HIGH
Network
|
pfg_project
|
pfg
|
The transfer, transferFrom, and mint functions of a smart contract implementation for PFGc, an Ethereum token, have an integer overflow.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13328
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248349
|
7.5 |
HIGH
Network
|
chucunlingaigo_project
|
chucunlingaigo
|
The transfer and transferFrom functions of a smart contract implementation for ChuCunLingAIGO (CCLAG), an Ethereum token, have an integer overflow. NOTE: this has been disputed by a third party.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13327
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248350
|
7.5 |
HIGH
Network
|
bittelux_project
|
bittelux
|
The transfer and transferFrom functions of a smart contract implementation for Bittelux (BTX), an Ethereum token, have an integer overflow. NOTE: this has been disputed by a third party.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2018-13326
|
2024-11-21 12:46 |
2018-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
