|
246741
|
6.1 |
MEDIUM
Network
|
nih
|
ncbi_toolbox
|
An XSS vulnerability exists in wwwblast.c in the 2.0.7 through 2.2.26 legacy versions of the NCBI ToolBox via a crafted -z1 argument.
|
CWE-79
Cross-site Scripting
|
CVE-2018-16718
|
2024-11-21 12:53 |
2019-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246742
|
9.8 |
CRITICAL
Network
|
nih
|
ncbi_toolbox
|
A heap-based buffer overflow exists in nph-viewgif.cgi in the 2.0.7 through 2.2.26 legacy versions of the NCBI ToolBox.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-16717
|
2024-11-21 12:53 |
2019-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246743
|
9.1 |
CRITICAL
Network
|
nih
|
ncbi_toolbox
|
A path traversal vulnerability exists in viewcgi.c in the 2.0.7 through 2.2.26 legacy versions of the NCBI ToolBox, which may result in reading of arbitrary files (i.e., significant information discl…
|
CWE-22
Path Traversal
|
CVE-2018-16716
|
2024-11-21 12:53 |
2019-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246744
|
8.8 |
HIGH
Network
|
imperva
|
securesphere
|
A command injection vulnerability in PWS in Imperva SecureSphere 13.0.0.10 and 13.1.0.10 Gateway allows an attacker with authenticated access to execute arbitrary OS commands on a vulnerable installa…
|
CWE-78
OS Command
|
CVE-2018-16660
|
2024-11-21 12:53 |
2019-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246745
|
7.7 |
HIGH
Network
|
printeron
|
printeron
|
An XML external entity (XXE) vulnerability in PrinterOn version 4.1.4 and lower allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a c…
|
CWE-611
XXE
|
CVE-2018-17169
|
2024-11-21 12:53 |
2019-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246746
|
5.5 |
MEDIUM
Local
|
clusterlabs
canonical
fedoraproject
debian
opensuse
redhat
|
pacemaker
ubuntu_linux
fedora
debian_linux
leap
enterprise_linux
enterprise_linux_eus
enterprise_linux_aus
enterprise_linux_tus
|
A flaw was found in pacemaker up to and including version 2.0.1. An insufficient verification inflicted preference of uncontrolled processes can lead to DoS
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-16878
|
2024-11-21 12:53 |
2019-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246747
|
7.8 |
HIGH
Local
|
clusterlabs
canonical
fedoraproject
debian
opensuse
redhat
|
pacemaker
ubuntu_linux
fedora
debian_linux
leap
enterprise_linux
enterprise_linux_eus
enterprise_linux_server_tus
enterprise_linux_server_aus
|
A flaw was found in the way pacemaker's client-server authentication was implemented in versions up to and including 2.0.0. A local attacker could use this flaw, and combine it with other IPC weaknes…
|
NVD-CWE-noinfo
|
CVE-2018-16877
|
2024-11-21 12:53 |
2019-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246748
|
6.5 |
MEDIUM
Network
|
printeron
|
printeron
|
PrinterOn Enterprise 4.1.4 contains multiple Cross Site Request Forgery (CSRF) vulnerabilities in the Administration page. For example, an administrator, by following a link, can be tricked into maki…
|
CWE-352
Origin Validation Error
|
CVE-2018-17168
|
2024-11-21 12:53 |
2019-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246749
|
6.1 |
MEDIUM
Network
|
filemanagerpro
|
file_manager
|
There is an XSS vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the page=wp_file_manager_root public_path parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2018-16967
|
2024-11-21 12:53 |
2019-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246750
|
8.8 |
HIGH
Network
|
filemanagerpro
|
file_manager
|
There is a CSRF vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the page=wp_file_manager_root public_path parameter.
|
CWE-352
Origin Validation Error
|
CVE-2018-16966
|
2024-11-21 12:53 |
2019-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
