|
248821
|
9.8 |
CRITICAL
Network
|
brynamics
|
online_trade
|
Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote attackers to obtain sensitive information via a direct request for /dashboard/addplan, /dashboard/paywithc…
|
CWE-200
Information Exposure
|
CVE-2018-14328
|
2024-11-21 12:48 |
2018-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248822
|
7.5 |
HIGH
Network
|
tp-link
|
wr840n
|
TP-Link WR840N devices allow remote attackers to cause a denial of service (connectivity loss) via a series of packets with random MAC addresses.
|
CWE-20
Improper Input Validation
|
CVE-2018-14336
|
2024-11-21 12:48 |
2018-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248823
|
5.5 |
MEDIUM
Local
|
clementine-player
|
clementine
|
An issue was discovered in Clementine Music Player 1.3.1. Clementine.exe is vulnerable to a user mode write access violation due to a NULL pointer dereference in the Init call in the MoodbarPipeline:…
|
CWE-476
NULL Pointer Dereference
|
CVE-2018-14332
|
2024-11-21 12:48 |
2018-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248824
|
7.5 |
HIGH
Network
|
axmldec_project
|
axmldec
|
axmldec 1.2.0 has an out-of-bounds write in the jitana::axml_parser::parse_start_namespace function in lib/jitana/util/axml_parser.cpp.
|
CWE-787
Out-of-bounds Write
|
CVE-2018-14402
|
2024-11-21 12:48 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248825
|
7.5 |
HIGH
Network
|
axml_parser_project
|
axml_parser
|
CopyData in AxmlParser.c in AXML Parser through 2018-01-04 has an out-of-bounds read.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-14401
|
2024-11-21 12:48 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248826
|
9.8 |
CRITICAL
Network
|
phpcms_project
|
phpcms
|
libs\classes\attachment.class.php in PHPCMS 9.6.0 allows remote attackers to upload and execute arbitrary PHP code via a .txt?.php#.jpg URI in the SRC attribute of an IMG element within info[content]…
|
CWE-94
Code Injection
|
CVE-2018-14399
|
2024-11-21 12:48 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248827
|
6.5 |
MEDIUM
Network
|
debian
ffmpeg
|
debian_linux
ffmpeg
|
libavformat/movenc.c in FFmpeg 3.2 and 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted audio file when converting to the M…
|
CWE-369
Divide By Zero
|
CVE-2018-14395
|
2024-11-21 12:48 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248828
|
6.5 |
MEDIUM
Network
|
ffmpeg
|
ffmpeg
|
libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted Waveform audio file.
|
CWE-369
Divide By Zero
|
CVE-2018-14394
|
2024-11-21 12:48 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248829
|
6.1 |
MEDIUM
Network
|
mybb
|
new_threads
|
The New Threads plugin before 1.2 for MyBB has XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2018-14392
|
2024-11-21 12:48 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248830
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.6.0 to 2.6.1 and 2.4.0 to 2.4.7, the IEEE 802.11 protocol dissector could crash. This was addressed in epan/crypt/airpdcap.c via bounds checking that prevents a buffer over-read.
|
CWE-125
Out-of-bounds Read
|
CVE-2018-14370
|
2024-11-21 12:48 |
2018-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
