| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-10517 | Hig | 0.51 | 7.2 | 0.12 | Apr 27, 2018 | In CMS Made Simple (CMSMS) through 2.2.7, the "module import" operation in the admin dashboard contains a remote code execution vulnerability, exploitable by an admin user, because an XML Package can contain base64-encoded PHP code in a data element. | ||
| CVE-2018-10515 | Hig | 0.47 | 7.2 | 0.02 | Apr 27, 2018 | In CMS Made Simple (CMSMS) through 2.2.7, the "file unpack" operation in the admin dashboard contains a remote code execution vulnerability exploitable by an admin user because a .php file can be present in the extracted ZIP archive. | ||
| CVE-2018-7669 | Hig | 0.53 | 7.5 | 0.17 | Apr 27, 2018 | An issue was discovered in Sitecore Sitecore.NET 8.1 rev. 151207 Hotfix 141178-1 and above. The 'Log Viewer' application is vulnerable to a directory traversal attack, allowing an attacker to access arbitrary files from the host Operating System using a… | ||
| CVE-2018-10504 | Hig | 0.54 | 7.8 | 0.05 | Apr 27, 2018 | The WebDorado "Form Maker by WD" plugin before 1.12.24 for WordPress allows CSV injection. | ||
| CVE-2018-10503 | Hig | 0.57 | 8.8 | 0.01 | Apr 27, 2018 | An issue was discovered in index.php in baijiacms V4 v4_1_4_20170105. CSRF allows adding an administrator account via op=edituser, changing the administrator password via op=changepwd, or deleting an account via op=deleteuser. | ||
| CVE-2014-1846 | Hig | 0.51 | 7.8 | 0.00 | Apr 27, 2018 | Enlightenment before 0.17.6 might allow local users to gain privileges via vectors involving the gdb method. | ||
| CVE-2014-1845 | Hig | 0.51 | 7.8 | 0.00 | Apr 27, 2018 | An unspecified setuid root helper in Enlightenment before 0.17.6 allows local users to gain privileges by leveraging failure to properly sanitize the environment. | ||
| CVE-2013-7202 | Hig | 0.53 | 8.1 | 0.02 | Apr 27, 2018 | The WebHybridClient class in PayPal 5.3 and earlier for Android allows remote attackers to execute arbitrary JavaScript on the system. | ||
| CVE-2013-7201 | Hig | 0.48 | 7.4 | 0.02 | Apr 27, 2018 | WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL errors, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information. | ||
| CVE-2013-5461 | Hig | 0.57 | 8.8 | 0.02 | Apr 27, 2018 | IBM Endpoint Manager for Remote Control 9.0.0 and 9.0.1 and Tivoli Remote Control 5.1.2 store multiple hashes of partial passwords, which makes it easier for remote attackers to decrypt passwords by leveraging access to the hashes. IBM X-Force ID: 88309. | ||
| CVE-2018-1479 | Hig | 0.57 | 8.8 | 0.01 | Apr 27, 2018 | IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 140761. | ||
| CVE-2018-3855 | Hig | 0.51 | 7.8 | 0.02 | Apr 26, 2018 | In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution. | ||
| CVE-2018-3851 | Hig | 0.57 | 8.8 | 0.03 | Apr 26, 2018 | In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, an exploitable stack-based buffer overflow exists in the DOC-to-HTML conversion functionality of the Hyland Perceptive Document Filters version 11.4.0.2647. A crafted .doc document can lead to a… | ||
| CVE-2018-3845 | Hig | 0.57 | 8.8 | 0.03 | Apr 26, 2018 | In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution. | ||
| CVE-2018-3844 | Hig | 0.57 | 8.8 | 0.03 | Apr 26, 2018 | In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted DOCX document can lead to a use-after-free resulting in direct code execution. | ||
| CVE-2017-17543 | Hig | 0.49 | 7.5 | 0.00 | Apr 26, 2018 | Users' VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2335 and below versions, due to the use of a static encryption… | ||
| CVE-2017-14010 | Hig | 0.51 | 7.8 | 0.02 | Apr 26, 2018 | In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions 1.6.30.144 and prior, an uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path. If the malicious DLL is loaded… | ||
| CVE-2016-9602 | Hig | 0.43 | 7.6 | 0.04 | Apr 26, 2018 | Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host. | ||
| CVE-2018-1074 | Hig | 0.50 | 7.7 | 0.01 | Apr 26, 2018 | ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power Management credentials, including cleartext passwords to Host Administrators. A Host Administrator could use this flaw to gain access to the power management… | ||
| CVE-2018-10431 | Hig | 0.47 | 7.2 | 0.03 | Apr 26, 2018 | D-Link DIR-615 2.5.17 devices allow Remote Code Execution via shell metacharacters in the Host field of the System / Traceroute screen. | ||
| CVE-2018-8072 | Hig | 0.57 | 8.8 | 0.03 | Apr 26, 2018 | An issue was discovered on EDIMAX IC-3140W through 3.06, IC-5150W through 3.09, and IC-6220DC through 3.06 devices. The ipcam_cgi binary contains a stack-based buffer overflow that is possible to trigger from a remote unauthenticated /camera-cgi/public/getsysyeminfo.cgi?action=VA… | ||
| CVE-2018-1418 | Hig | 0.64 | 8.8 | 0.52 | Apr 26, 2018 | IBM Security QRadar SIEM 7.2 and 7.3 could allow a user to bypass authentication which could lead to code execution. IBM X-Force ID: 138824. | ||
| CVE-2018-10425 | Hig | 0.51 | 7.8 | 0.00 | Apr 26, 2018 | An issue was discovered in Shanghai 2345 Security Guard 3.7.0. 2345MPCSafe.exe, 2345SafeTray.exe, and 2345Speedup.exe allow local users to bypass intended process protections, and consequently terminate processes, because SetParent is not properly considered. | ||
| CVE-2018-9113 | Hig | 0.00 | 7.8 | 0.04 | Apr 26, 2018 | Centers for Disease Control and Prevention MicrobeTRACE 0.1.12 allows remote attackers to execute arbitrary code, related to code injection via a crafted CSV file with an initial '><script type="text/javascript" src=' line. Fix released on 2018-03-29. | ||
| CVE-2018-8974 | Hig | 0.00 | 7.8 | 0.04 | Apr 26, 2018 | Centers for Disease Control and Prevention MicrobeTRACE 0.1.11 allows remote attackers to execute arbitrary code, related to code injection via a crafted CSV file with an initial 'Source<script type="text/javascript" src=' line. Fix released on 2018-03-28. | ||
| CVE-2018-10393 | Hig | 0.49 | 7.5 | 0.02 | Apr 26, 2018 | bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read. | ||
| CVE-2018-10392 | Hig | 0.57 | 8.8 | 0.03 | Apr 26, 2018 | mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file. | ||
| CVE-2018-8837 | Hig | 0.51 | 7.8 | 0.02 | Apr 25, 2018 | Processing specially crafted .pm3 files in Advantech WebAccess HMI Designer 2.1.7.32 and prior may cause the system to write outside the intended buffer area and may allow remote code execution. | ||
| CVE-2018-8835 | Hig | 0.51 | 7.8 | 0.02 | Apr 25, 2018 | Double free vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution. | ||
| CVE-2018-8833 | Hig | 0.51 | 7.8 | 0.02 | Apr 25, 2018 | Heap-based buffer overflow vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution. | ||
| CVE-2018-5486 | Hig | 0.51 | 7.8 | 0.00 | Apr 25, 2018 | NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire Protocol (JDWP) enabled which allows unauthorized local attackers to execute arbitrary code. | ||
| CVE-2018-5226 | Hig | 0.57 | 8.8 | 0.01 | Apr 25, 2018 | There was an argument injection vulnerability in Sourcetree for Windows via Mercurial repository tag name that is going to be deleted. An attacker with permission to create a tag on a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain… | ||
| CVE-2018-1335 | Hig | 0.63 | 8.1 | 0.94 | Apr 25, 2018 | From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to… | ||
| CVE-2014-0881 | Hig | 0.48 | 7.4 | 0.02 | Apr 25, 2018 | The TPM on Integrated Management Module II (IMM2) on IBM Flex System x222 servers with firmware 1.00 through 3.56 allows remote attackers to obtain sensitive key information or cause a denial of service by leveraging an incorrect configuration. IBM X-Force ID: 91146. | ||
| CVE-2017-7652 | Hig | 0.49 | 7.5 | 0.02 | Apr 25, 2018 | In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running with a configuration file, then sending a HUP signal to server triggers the configuration to be reloaded from disk. If there are lots of clients connected so that there are no more file descriptors/sockets… | ||
| CVE-2017-12712 | Hig | 0.57 | 8.8 | 0.01 | Apr 25, 2018 | The authentication algorithm in Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017, which involves an authentication key and time stamp, can be compromised or bypassed, which may allow a nearby attacker to issue unauthorized commands to the pacemaker via RF… | ||
| CVE-2018-1112 | Hig | 0.52 | 8.0 | 0.02 | Apr 25, 2018 | glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression. | ||
| CVE-2018-10376 | Hig | 0.49 | 7.5 | 0.02 | Apr 25, 2018 | An integer overflow in the transferProxy function of a smart contract implementation for SmartMesh (aka SMT), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted _fee and _value parameters, as exploited in the wild in… | ||
| CVE-2018-10361 | — | Hig | 0.51 | 7.8 | 0.00 | Apr 25, 2018 | An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure handling of temporary files in the KTextEditor's kauth_ktexteditor_helper service (as utilized in the Kate text editor) can allow other unprivileged users on the local system to gain root privileges. The… | |
| CVE-2017-17557 | Hig | 0.57 | 8.8 | 0.04 | Apr 24, 2018 | In Foxit Reader before 9.1 and Foxit PhantomPDF before 9.1, a flaw exists within the parsing of the BITMAPINFOHEADER record in BMP files. The issue results from the lack of proper validation of the biSize member, which can result in a heap based buffer overflow. An attacker can… | ||
| CVE-2013-7245 | Hig | 0.49 | 7.5 | 0.01 | Apr 24, 2018 | The Backup Server component in SAP Sybase ASE 15.7 before SP51 allows remote attackers to bypass access restrictions and perform database dumps by leveraging failure to validate credentials, aka SAP Security Note 1927859. | ||
| CVE-2013-3947 | Hig | 0.51 | 7.8 | 0.01 | Apr 24, 2018 | Buffer overflow in MedCoreD.sys in AhnLab V3 Internet Security 8.0.7.5 (Build 1373) allows local users to gain privileges via a crafted 0xA3350014 IOCTL call. | ||
| CVE-2018-3836 | Hig | 0.51 | 7.8 | 0.01 | Apr 24, 2018 | An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an… | ||
| CVE-2017-2924 | Hig | 0.57 | 8.8 | 0.03 | Apr 24, 2018 | An exploitable heap-based buffer overflow vulnerability exists in the read_legacy_biff function of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability. | ||
| CVE-2017-2923 | Hig | 0.57 | 8.8 | 0.03 | Apr 24, 2018 | An exploitable heap based buffer overflow vulnerability exists in the 'read_biff_next_record function' of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this… | ||
| CVE-2017-2918 | Hig | 0.51 | 7.8 | 0.03 | Apr 24, 2018 | An exploitable integer overflow exists in the Image loading functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the… | ||
| CVE-2017-2908 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable integer overflow exists in the thumbnail functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of… | ||
| CVE-2017-2907 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version 2.78c. A specially created '.avi' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the… | ||
| CVE-2017-2906 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version 2.78c. A specially created '.avi' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the… | ||
| CVE-2017-2905 | Hig | 0.51 | 7.8 | 0.02 | Apr 24, 2018 | An exploitable integer overflow exists in the bmp loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.bmp' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context… |
- risk 0.51cvss 7.2epss 0.12
In CMS Made Simple (CMSMS) through 2.2.7, the "module import" operation in the admin dashboard contains a remote code execution vulnerability, exploitable by an admin user, because an XML Package can contain base64-encoded PHP code in a data element.
- risk 0.47cvss 7.2epss 0.02
In CMS Made Simple (CMSMS) through 2.2.7, the "file unpack" operation in the admin dashboard contains a remote code execution vulnerability exploitable by an admin user because a .php file can be present in the extracted ZIP archive.
- risk 0.53cvss 7.5epss 0.17
An issue was discovered in Sitecore Sitecore.NET 8.1 rev. 151207 Hotfix 141178-1 and above. The 'Log Viewer' application is vulnerable to a directory traversal attack, allowing an attacker to access arbitrary files from the host Operating System using a…
- risk 0.54cvss 7.8epss 0.05
The WebDorado "Form Maker by WD" plugin before 1.12.24 for WordPress allows CSV injection.
- risk 0.57cvss 8.8epss 0.01
An issue was discovered in index.php in baijiacms V4 v4_1_4_20170105. CSRF allows adding an administrator account via op=edituser, changing the administrator password via op=changepwd, or deleting an account via op=deleteuser.
- risk 0.51cvss 7.8epss 0.00
Enlightenment before 0.17.6 might allow local users to gain privileges via vectors involving the gdb method.
- risk 0.51cvss 7.8epss 0.00
An unspecified setuid root helper in Enlightenment before 0.17.6 allows local users to gain privileges by leveraging failure to properly sanitize the environment.
- risk 0.53cvss 8.1epss 0.02
The WebHybridClient class in PayPal 5.3 and earlier for Android allows remote attackers to execute arbitrary JavaScript on the system.
- risk 0.48cvss 7.4epss 0.02
WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL errors, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information.
- risk 0.57cvss 8.8epss 0.02
IBM Endpoint Manager for Remote Control 9.0.0 and 9.0.1 and Tivoli Remote Control 5.1.2 store multiple hashes of partial passwords, which makes it easier for remote attackers to decrypt passwords by leveraging access to the hashes. IBM X-Force ID: 88309.
- risk 0.57cvss 8.8epss 0.01
IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 140761.
- risk 0.51cvss 7.8epss 0.02
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution.
- risk 0.57cvss 8.8epss 0.03
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, an exploitable stack-based buffer overflow exists in the DOC-to-HTML conversion functionality of the Hyland Perceptive Document Filters version 11.4.0.2647. A crafted .doc document can lead to a…
- risk 0.57cvss 8.8epss 0.03
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution.
- risk 0.57cvss 8.8epss 0.03
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted DOCX document can lead to a use-after-free resulting in direct code execution.
- risk 0.49cvss 7.5epss 0.00
Users' VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2335 and below versions, due to the use of a static encryption…
- risk 0.51cvss 7.8epss 0.02
In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions 1.6.30.144 and prior, an uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path. If the malicious DLL is loaded…
- risk 0.43cvss 7.6epss 0.04
Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS. A privileged user inside guest could use this flaw to access host file system beyond the shared folder and potentially escalating their privileges on a host.
- risk 0.50cvss 7.7epss 0.01
ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power Management credentials, including cleartext passwords to Host Administrators. A Host Administrator could use this flaw to gain access to the power management…
- risk 0.47cvss 7.2epss 0.03
D-Link DIR-615 2.5.17 devices allow Remote Code Execution via shell metacharacters in the Host field of the System / Traceroute screen.
- risk 0.57cvss 8.8epss 0.03
An issue was discovered on EDIMAX IC-3140W through 3.06, IC-5150W through 3.09, and IC-6220DC through 3.06 devices. The ipcam_cgi binary contains a stack-based buffer overflow that is possible to trigger from a remote unauthenticated /camera-cgi/public/getsysyeminfo.cgi?action=VA…
- risk 0.64cvss 8.8epss 0.52
IBM Security QRadar SIEM 7.2 and 7.3 could allow a user to bypass authentication which could lead to code execution. IBM X-Force ID: 138824.
- risk 0.51cvss 7.8epss 0.00
An issue was discovered in Shanghai 2345 Security Guard 3.7.0. 2345MPCSafe.exe, 2345SafeTray.exe, and 2345Speedup.exe allow local users to bypass intended process protections, and consequently terminate processes, because SetParent is not properly considered.
- risk 0.00cvss 7.8epss 0.04
Centers for Disease Control and Prevention MicrobeTRACE 0.1.12 allows remote attackers to execute arbitrary code, related to code injection via a crafted CSV file with an initial '><script type="text/javascript" src=' line. Fix released on 2018-03-29.
- risk 0.00cvss 7.8epss 0.04
Centers for Disease Control and Prevention MicrobeTRACE 0.1.11 allows remote attackers to execute arbitrary code, related to code injection via a crafted CSV file with an initial 'Source<script type="text/javascript" src=' line. Fix released on 2018-03-28.
- risk 0.49cvss 7.5epss 0.02
bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read.
- risk 0.57cvss 8.8epss 0.03
mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file.
- risk 0.51cvss 7.8epss 0.02
Processing specially crafted .pm3 files in Advantech WebAccess HMI Designer 2.1.7.32 and prior may cause the system to write outside the intended buffer area and may allow remote code execution.
- risk 0.51cvss 7.8epss 0.02
Double free vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution.
- risk 0.51cvss 7.8epss 0.02
Heap-based buffer overflow vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution.
- risk 0.51cvss 7.8epss 0.00
NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire Protocol (JDWP) enabled which allows unauthorized local attackers to execute arbitrary code.
- risk 0.57cvss 8.8epss 0.01
There was an argument injection vulnerability in Sourcetree for Windows via Mercurial repository tag name that is going to be deleted. An attacker with permission to create a tag on a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain…
- risk 0.63cvss 8.1epss 0.94
From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to…
- risk 0.48cvss 7.4epss 0.02
The TPM on Integrated Management Module II (IMM2) on IBM Flex System x222 servers with firmware 1.00 through 3.56 allows remote attackers to obtain sensitive key information or cause a denial of service by leveraging an incorrect configuration. IBM X-Force ID: 91146.
- risk 0.49cvss 7.5epss 0.02
In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running with a configuration file, then sending a HUP signal to server triggers the configuration to be reloaded from disk. If there are lots of clients connected so that there are no more file descriptors/sockets…
- risk 0.57cvss 8.8epss 0.01
The authentication algorithm in Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017, which involves an authentication key and time stamp, can be compromised or bypassed, which may allow a nearby attacker to issue unauthorized commands to the pacemaker via RF…
- risk 0.52cvss 8.0epss 0.02
glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes. NOTE: this vulnerability exists because of a CVE-2018-1088 regression.
- risk 0.49cvss 7.5epss 0.02
An integer overflow in the transferProxy function of a smart contract implementation for SmartMesh (aka SMT), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted _fee and _value parameters, as exploited in the wild in…
- risk 0.51cvss 7.8epss 0.00
An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure handling of temporary files in the KTextEditor's kauth_ktexteditor_helper service (as utilized in the Kate text editor) can allow other unprivileged users on the local system to gain root privileges. The…
- risk 0.57cvss 8.8epss 0.04
In Foxit Reader before 9.1 and Foxit PhantomPDF before 9.1, a flaw exists within the parsing of the BITMAPINFOHEADER record in BMP files. The issue results from the lack of proper validation of the biSize member, which can result in a heap based buffer overflow. An attacker can…
- risk 0.49cvss 7.5epss 0.01
The Backup Server component in SAP Sybase ASE 15.7 before SP51 allows remote attackers to bypass access restrictions and perform database dumps by leveraging failure to validate credentials, aka SAP Security Note 1927859.
- risk 0.51cvss 7.8epss 0.01
Buffer overflow in MedCoreD.sys in AhnLab V3 Internet Security 8.0.7.5 (Build 1373) allows local users to gain privileges via a crafted 0xA3350014 IOCTL call.
- risk 0.51cvss 7.8epss 0.01
An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4. A specially crafted gplot rootname argument can cause a command injection resulting in arbitrary code execution. An attacker can provide a malicious path as input to an…
- risk 0.57cvss 8.8epss 0.03
An exploitable heap-based buffer overflow vulnerability exists in the read_legacy_biff function of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.
- risk 0.57cvss 8.8epss 0.03
An exploitable heap based buffer overflow vulnerability exists in the 'read_biff_next_record function' of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this…
- risk 0.51cvss 7.8epss 0.03
An exploitable integer overflow exists in the Image loading functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the…
- risk 0.51cvss 7.8epss 0.02
An exploitable integer overflow exists in the thumbnail functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of…
- risk 0.51cvss 7.8epss 0.02
An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version 2.78c. A specially created '.avi' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the…
- risk 0.51cvss 7.8epss 0.02
An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version 2.78c. A specially created '.avi' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the…
- risk 0.51cvss 7.8epss 0.02
An exploitable integer overflow exists in the bmp loading functionality of the Blender open-source 3d creation suite version 2.78c. A specially crafted '.bmp' file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context…