|
250131
|
7.5 |
HIGH
Network
|
wireshark debian
|
wireshark debian_linux
|
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data str…
|
CWE-665
Improper Initialization
|
CVE-2018-16058
|
2024-11-21 12:52 |
2018-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250132
|
7.5 |
HIGH
Network
|
wireshark debian
|
wireshark debian_linux
|
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator ope…
|
NVD-CWE-noinfo
|
CVE-2018-16057
|
2024-11-21 12:52 |
2018-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250133
|
7.5 |
HIGH
Network
|
wireshark debian
|
wireshark debian_linux
|
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a diss…
|
NVD-CWE-noinfo
|
CVE-2018-16056
|
2024-11-21 12:52 |
2018-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250134
|
6.1 |
MEDIUM
Network
|
cybrotech
|
cybrohttpserver
|
Cybrotech CyBroHttpServer 1.0.3 allows XSS via a URI.
|
CWE-79
Cross-site Scripting
|
CVE-2018-16134
|
2024-11-21 12:52 |
2018-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250135
|
5.3 |
MEDIUM
Network
|
cybrotech
|
cybrohttpserver
|
Cybrotech CyBroHttpServer 1.0.3 allows Directory Traversal via a ../ in the URI.
|
CWE-22
Path Traversal
|
CVE-2018-16133
|
2024-11-21 12:52 |
2018-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250136
|
8.6 |
HIGH
Network
|
signal
|
signal
|
The image rendering component (createGenericPreview) of the Open Whisper Signal app through 2.29.0 for iOS fails to check for unreasonably large images before manipulating received images. This allow…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2018-16132
|
2024-11-21 12:52 |
2018-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250137
|
9.1 |
CRITICAL
Network
|
lightbend
|
akka
|
Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error. A random number generator is used in Akka Remoting for TLS (both classic and Artery Remoting). A…
|
CWE-338
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
|
CVE-2018-16115
|
2024-11-21 12:52 |
2018-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250138
|
5.5 |
MEDIUM
Local
|
elfutils_project debian opensuse canonical redhat
|
elfutils debian_linux leap ubuntu_linux enterprise_linux_desktop enterprise_linux_workstation enterprise_linux_server
|
dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-16062
|
2024-11-21 12:52 |
2018-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250139
|
6.5 |
MEDIUM
Network
|
odoo
|
odoo
|
Improper access control in message routing in Odoo Community 12.0 and earlier and Odoo Enterprise 12.0 and earlier allows remote authenticated users to create arbitrary records via crafted payloads, …
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2018-15645
|
2024-11-21 12:51 |
2020-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250140
|
5.4 |
MEDIUM
Network
|
odoo
|
odoo
|
Cross-site scripting (XSS) issue in web module in Odoo Community 11.0 through 14.0 and Odoo Enterprise 11.0 through 14.0, allows remote authenticated internal users to inject arbitrary web script in …
|
CWE-79
Cross-site Scripting
|
CVE-2018-15641
|
2024-11-21 12:51 |
2020-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|