|
248951
|
9.8 |
CRITICAL
Network
|
hdfgroup
|
hdf5
|
An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5O_link_decode in H5Olink.c.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-13869
|
2024-11-21 12:48 |
2018-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248952
|
9.8 |
CRITICAL
Network
|
hdfgroup
|
hdf5
|
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_fill_old_decode in H5Ofill.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-13868
|
2024-11-21 12:48 |
2018-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248953
|
9.8 |
CRITICAL
Network
|
hdfgroup
|
hdf5
|
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5F__accum_read in H5Faccum.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-13867
|
2024-11-21 12:48 |
2018-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248954
|
9.8 |
CRITICAL
Network
|
hdfgroup
|
hdf5
|
An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer over-read in the function H5F_addr_decode_len in H5Fint.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-13866
|
2024-11-21 12:48 |
2018-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248955
|
6.1 |
MEDIUM
Network
|
idreamsoft
|
icms
|
An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists via the callback parameter in a public/api.php uploadpic request, bypassing the iWAF protection mechanism.
|
CWE-79
Cross-site Scripting
|
CVE-2018-13865
|
2024-11-21 12:48 |
2018-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248956
|
7.5 |
HIGH
Network
|
mongodb
|
js-bson
|
The MongoDB bson JavaScript module (also known as js-bson) versions 0.5.0 to 1.0.x before 1.0.5 is vulnerable to a Regular Expression Denial of Service (ReDoS) in lib/bson/decimal128.js. The flaw is …
|
NVD-CWE-noinfo
|
CVE-2018-13863
|
2024-11-21 12:48 |
2018-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248957
|
9.8 |
CRITICAL
Network
|
icanstudioz
|
firebase_push_notification_on_ios_\/_fcm_\+_advance_admin_panel
|
The "Firebase Cloud Messaging (FCM) + Advance Admin Panel" component supporting Firebase Push Notification on iOS (through 2017-10-26) allows SQL injection via the /advance_push/public/login username…
|
CWE-89
SQL Injection
|
CVE-2018-13850
|
2024-11-21 12:48 |
2018-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248958
|
6.1 |
MEDIUM
Network
|
instagram-clone_project
|
instagram-clone
|
edit_requests.php in yTakkar Instagram-clone through 2018-04-23 has XSS via an onmouseover payload because of an inadequate XSS protection mechanism based on preg_replace.
|
CWE-79
Cross-site Scripting
|
CVE-2018-13849
|
2024-11-21 12:48 |
2018-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248959
|
7.5 |
HIGH
Network
|
axiosys
|
bento4
|
An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StszAtom::GetSampleSize in Core/Ap4StszAtom.cpp.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-13848
|
2024-11-21 12:48 |
2018-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248960
|
7.5 |
HIGH
Network
|
axiosys
|
bento4
|
An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StcoAtom::AdjustChunkOffsets in Core/Ap4StcoAtom.cpp.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2018-13847
|
2024-11-21 12:48 |
2018-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
