| 246271 | 6.1 | MEDIUM Network | nagios | nagios_xi | An issue was discovered in Nagios XI before 5.5.8. The rss_url parameter of rss_dashlet/magpierss/scripts/magpie_slashbox.php is not filtered, resulting in an XSS vulnerability. | CWE-79 Cross-site Scripting | CVE-2018-20172 | 2024-11-21 13:01 | 2018-12-18 |
| 246272 | 6.1 | MEDIUM Network | nagios | nagios_xi | An issue was discovered in Nagios XI before 5.5.8. The url parameter of rss_dashlet/magpierss/scripts/magpie_simple.php is not filtered, resulting in an XSS vulnerability. | CWE-79 Cross-site Scripting | CVE-2018-20171 | 2024-11-21 13:01 | 2018-12-18 |
| 246273 | 9.8 | CRITICAL Network | zohocorp | manageengine_opmanager | Zoho ManageEngine OpManager 12.3 before 123238 allows SQL injection via the getGraphData API. | CWE-89 SQL Injection | CVE-2018-20173 | 2024-11-21 13:01 | 2018-12-17 |
| 246274 | 5.3 | MEDIUM Network | openstack | keystone | OpenStack Keystone through 14.0.1 has a user enumeration vulnerability because invalid usernames have much faster responses than valid ones for a POST /v3/auth/tokens request. NOTE: the vendor's posi… | CWE-200 Information Exposure | CVE-2018-20170 | 2024-11-21 13:01 | 2018-12-17 |
| 246275 | 6.8 | MEDIUM Physical | linux canonical debian | linux_kernel ubuntu_linux debian_linux | An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/cor… | CWE-400 Uncontrolled Resource Consumption | CVE-2018-20169 | 2024-11-21 13:01 | 2018-12-17 |
| 246276 | 2.3 | LOW Local | ibm | qradar_security_information_and_event_manager | IBM QRadar SIEM 7.3 and 7.4 in a multi-tenant configuration could be vulnerable to information disclosure. IBM X-Force ID: 147440. | NVD-CWE-noinfo | CVE-2018-1725 | 2024-11-21 13:00 | 2020-11-6 |
| 246277 | 4.4 | MEDIUM Local | ibm | security_rapport | IBM Trusteer Rapport/Apex 3.6.1908.22 contains an unused legacy driver which could allow a user with administrator privileges to cause a buffer overflow that would result in a kernel panic. IBM X-For… | CWE-120 Classic Buffer Overflow | CVE-2018-1985 | 2024-11-21 13:00 | 2020-08-25 |
| 246278 | 5.5 | MEDIUM Local | yast2-rmt_project opensuse suse | yast2-rmt leap suse_linux_enterprise_server | An Inclusion of Sensitive Information in Log Files vulnerability in yast2-rmt of SUSE Linux Enterprise Server 15; openSUSE Leap allows local attackers to learn the password if they can access the log … | CWE-532 Inclusion of Sensitive Information in Log Files | CVE-2018-20105 | 2024-11-21 13:00 | 2020-01-27 |
| 246279 | 5.3 | MEDIUM Network | ibm | watston_studio_local | IBM Watson Studio Local 1.2.3 could disclose sensitive information over the network that an attacker could use in further attacks against the system. IBM X-Force ID: 145238. | CWE-200 Information Exposure | CVE-2018-1682 | 2024-11-21 13:00 | 2019-12-31 |
| 246280 | 8.8 | HIGH Network | ibm | cognos_business_intelligence | IBM Cognos Business Intelligence 10.2.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the websit… | CWE-352 Origin Validation Error | CVE-2018-1934 | 2024-11-21 13:00 | 2019-12-21 |