|
246351
|
5.5 |
MEDIUM
Local
|
elfutils_project
debian
opensuse
canonical
redhat
|
elfutils
debian_linux
leap
ubuntu_linux
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
|
dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-16062
|
2024-11-21 12:52 |
2018-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246352
|
6.5 |
MEDIUM
Network
|
odoo
|
odoo
|
Improper access control in message routing in Odoo Community 12.0 and earlier and Odoo Enterprise 12.0 and earlier allows remote authenticated users to create arbitrary records via crafted payloads, …
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-15645
|
2024-11-21 12:51 |
2020-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246353
|
5.4 |
MEDIUM
Network
|
odoo
|
odoo
|
Cross-site scripting (XSS) issue in web module in Odoo Community 11.0 through 14.0 and Odoo Enterprise 11.0 through 14.0, allows remote authenticated internal users to inject arbitrary web script in …
|
CWE-79
Cross-site Scripting
|
CVE-2018-15641
|
2024-11-21 12:51 |
2020-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246354
|
5.4 |
MEDIUM
Network
|
odoo
|
odoo
|
Cross-site scripting (XSS) issue in mail module in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a vic…
|
CWE-79
Cross-site Scripting
|
CVE-2018-15638
|
2024-11-21 12:51 |
2020-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246355
|
6.1 |
MEDIUM
Network
|
odoo
|
odoo
|
Cross-site scripting (XSS) issue in attachment management in Odoo Community 14.0 and earlier and Odoo Enterprise 14.0 and earlier, allows remote attackers to inject arbitrary web script in the browse…
|
CWE-79
Cross-site Scripting
|
CVE-2018-15634
|
2024-11-21 12:51 |
2020-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246356
|
6.1 |
MEDIUM
Network
|
odoo
|
odoo
|
Cross-site scripting (XSS) issue in "document" module in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of…
|
CWE-79
Cross-site Scripting
|
CVE-2018-15633
|
2024-11-21 12:51 |
2020-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246357
|
9.1 |
CRITICAL
Network
|
odoo
|
odoo
|
Improper input validation in database creation logic in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to initialize an empty database on which they can…
|
CWE-20
Improper Input Validation
|
CVE-2018-15632
|
2024-11-21 12:51 |
2020-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246358
|
6.1 |
MEDIUM
Network
|
easyio
|
easyio_30p_firmware
|
EasyIO EasyIO-30P devices before 2.0.5.27 allow XSS via the dev.htm GDN parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2018-15820
|
2024-11-21 12:51 |
2020-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246359
|
7.5 |
HIGH
Network
|
easyio
|
easyio_30p_firmware
|
EasyIO EasyIO-30P devices before 2.0.5.27 have Incorrect Access Control, related to webuser.js.
|
CWE-287
Improper Authentication
|
CVE-2018-15819
|
2024-11-21 12:51 |
2020-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246360
|
5.5 |
MEDIUM
Local
|
stopzilla
|
antimalware
|
An issue was discovered in STOPzilla AntiMalware 6.5.2.59. The driver file szkg64.sys contains an Arbitrary Write vulnerability due to not validating the output buffer address value from IOCtl 0x8000…
|
CWE-20
Improper Input Validation
|
CVE-2018-15738
|
2024-11-21 12:51 |
2019-07-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
