| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-4189 | Cri | 0.64 | 9.8 | 0.02 | Jan 11, 2019 | In iOS before 11.2.5, macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, watchOS before 4.2.2, and tvOS before 11.2.5, a memory corruption issue exists and was addressed with improved memory handling. | ||
| CVE-2018-4169 | Cri | 0.64 | 9.8 | 0.01 | Jan 11, 2019 | In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, an out-of-bounds read was addressed with improved input validation. | ||
| CVE-2018-4147 | Cri | 0.64 | 9.8 | 0.02 | Jan 11, 2019 | In iCloud for Windows before 7.3, Safari before 11.0.3, iTunes before 12.7.3 for Windows, and iOS before 11.2.5, multiple memory corruption issues exist and were addressed with improved memory handling. | ||
| CVE-2017-13889 | Cri | 0.64 | 9.8 | 0.01 | Jan 11, 2019 | In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, a logic error existed in the validation of credentials. This was addressed with improved credential validation. | ||
| CVE-2017-1002157 | — | Cri | 0.64 | 9.8 | 0.03 | Jan 10, 2019 | modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided data, leading to remote code execution. | |
| CVE-2018-16803 | Cri | 0.64 | 9.8 | 0.02 | Jan 10, 2019 | In CIMTechniques CIMScan 6.x through 6.2, the SOAP WSDL parser allows attackers to execute SQL code. | ||
| CVE-2019-5893 | Cri | 0.69 | 9.8 | 0.25 | Jan 10, 2019 | Nelson Open Source ERP v6.3.1 allows SQL Injection via the db/utils/query/data.xml query parameter. | ||
| CVE-2019-5886 | Cri | 0.64 | 9.8 | 0.01 | Jan 10, 2019 | An issue was discovered in ShopXO 1.2.0. In the application\install\controller\Index.php file, there is no validation lock file in the Add method, which allows an attacker to reinstall the database. The attacker can write arbitrary code to database.php during system… | ||
| CVE-2019-5882 | Cri | 0.00 | 9.8 | 0.03 | Jan 9, 2019 | Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer. | ||
| CVE-2018-16203 | Cri | 0.64 | 9.8 | 0.02 | Jan 9, 2019 | PgpoolAdmin 4.0 and earlier allows remote attackers to bypass the login authentication and obtain the administrative privilege of the PostgreSQL database via unspecified vectors. | ||
| CVE-2018-16188 | Cri | 0.64 | 9.8 | 0.02 | Jan 9, 2019 | SQL injection vulnerability in the RICOH Interactive Whiteboard D2200 V1.3 to V2.2, D5500 V1.3 to V2.2, D5510 V1.3 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.3 to V2.2 attached (D5520, D6500, D6510, D7500, D8400), and the display versions… | ||
| CVE-2018-16184 | Cri | 0.64 | 9.8 | 0.04 | Jan 9, 2019 | RICOH Interactive Whiteboard D2200 V1.6 to V2.2, D5500 V1.6 to V2.2, D5510 V1.6 to V2.2, and the display versions with RICOH Interactive Whiteboard Controller Type1 V1.6 to V2.2 attached (D5520, D6500, D6510, D7500, D8400) allows remote attackers to execute arbitrary commands… | ||
| CVE-2018-16168 | Cri | 0.64 | 9.8 | 0.02 | Jan 9, 2019 | LogonTracer 1.2.0 and earlier allows remote attackers to conduct Python code injection attacks via unspecified vectors. | ||
| CVE-2018-16167 | Cri | 0.73 | 9.8 | 0.75 | Jan 9, 2019 | LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors. | ||
| CVE-2018-0705 | Cri | 0.59 | 9.1 | 0.02 | Jan 9, 2019 | Directory traversal vulnerability in Cybozu Dezie 8.0.2 to 8.1.2 allows remote attackers to read arbitrary files via HTTP requests. | ||
| CVE-2018-0670 | Cri | 0.64 | 9.8 | 0.02 | Jan 9, 2019 | INplc-RT 3.08 and earlier allows remote attackers to bypass authentication to execute an arbitrary command through the protocol-compliant traffic. This is a different vulnerability than CVE-2018-0669. | ||
| CVE-2018-0669 | Cri | 0.64 | 9.8 | 0.02 | Jan 9, 2019 | INplc-RT 3.08 and earlier allows remote attackers to bypass authentication to execute an arbitrary command through the protocol-compliant traffic. This is a different vulnerability than CVE-2018-0670. | ||
| CVE-2018-0668 | Cri | 0.64 | 9.8 | 0.02 | Jan 9, 2019 | Buffer overflow in INplc-RT 3.08 and earlier allows remote attackers to cause denial-of-service (DoS) condition that may result in executing arbtrary code via unspecified vectors. | ||
| CVE-2018-0651 | Cri | 0.64 | 9.8 | 0.04 | Jan 9, 2019 | Buffer overflow in the license management function of YOKOGAWA products (iDefine for ProSafe-RS R1.16.3 and earlier, STARDOM VDS R7.50 and earlier, STARDOM FCN/FCJ Simulator R4.20 and earlier, ASTPLANNER R15.01 and earlier, TriFellows V5.04 and earlier) allows remote attackers… | ||
| CVE-2018-6127 | Cri | 0.63 | 9.6 | 0.02 | Jan 9, 2019 | Early free of object in use in IndexDB in Google Chrome prior to 67.0.3396.62 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2018-16068 | Cri | 0.63 | 9.6 | 0.02 | Jan 9, 2019 | Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | ||
| CVE-2017-15402 | Cri | 0.62 | 9.6 | 0.01 | Jan 9, 2019 | Using an ID that can be controlled by a compromised renderer which allows any frame to overwrite the page_state of any other frame in the same process in Navigation in Google Chrome on Chrome OS prior to 62.0.3202.74 allowed a remote attacker who had compromised the renderer… | ||
| CVE-2019-5748 | Cri | 0.00 | 9.8 | 0.02 | Jan 9, 2019 | In Traccar Server version 4.2, protocol/SpotProtocolDecoder.java might allow XXE attacks. | ||
| CVE-2018-20675 | Cri | 0.64 | 9.8 | 0.02 | Jan 9, 2019 | D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authentication bypass. | ||
| CVE-2019-0586 | Cri | 0.65 | 9.8 | 0.15 | Jan 8, 2019 | A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server. | ||
| CVE-2019-0547 | Cri | 0.69 | 9.8 | 0.71 | Jan 8, 2019 | A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka "Windows DHCP Client Remote Code Execution Vulnerability." This affects Windows 10, Windows 10 Servers. | ||
| CVE-2019-0247 | Cri | 0.64 | 9.8 | 0.01 | Jan 8, 2019 | SAP Cloud Connector, before version 2.11.3, allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application. | ||
| CVE-2019-0246 | Cri | 0.64 | 9.8 | 0.03 | Jan 8, 2019 | SAP Cloud Connector, before version 2.11.3, does not perform any authentication checks for functionalities that require user identity. | ||
| CVE-2019-5720 | Cri | 0.64 | 9.8 | 0.02 | Jan 8, 2019 | includes/db/class.reflines_db.inc in FrontAccounting 2.4.6 contains a SQL Injection vulnerability in the reference field that can allow the attacker to grab the entire database of the application via the void_transaction.php filterType parameter. | ||
| CVE-2018-11788 | — | Cri | 0.57 | 9.8 | 0.07 | Jan 7, 2019 | Apache Karaf provides a features deployer, which allows users to "hot deploy" a features XML by dropping the file directly in the deploy folder. The features XML is parsed by XMLInputFactory class. Apache Karaf XMLInputFactory class doesn't contain any mitigation codes against… | |
| CVE-2019-5312 | Cri | 0.57 | 9.8 | 0.02 | Jan 4, 2019 | An issue was discovered in weixin-java-tools v3.3.0. There is an XXE vulnerability in the getXmlDoc method of the BaseWxPayResult.java file. NOTE: this issue exists because of an incomplete fix for CVE-2018-20318. | ||
| CVE-2018-4012 | Cri | 0.59 | 9.0 | 0.03 | Jan 3, 2019 | An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot BrightCloud SDK. The function bc_http_read_header incorrectly handles overlong headers, leading to arbitrary code execution. An unauthenticated attacker could impersonate a… | ||
| CVE-2018-18995 | Cri | 0.64 | 9.8 | 0.03 | Jan 3, 2019 | Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow authentication to be configured on administrative telnet or web interfaces, which could enable various effects vectors, including conducting device resets, reading or modifying registers,… | ||
| CVE-2018-19601 | Cri | 0.59 | 9.1 | 0.01 | Jan 3, 2019 | Rhymix CMS 1.9.8.1 allows SSRF via an index.php?module=admin&act=dispModuleAdminFileBox SVG upload. | ||
| CVE-2019-3905 | Cri | 0.65 | 10.0 | 0.03 | Jan 3, 2019 | Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF. | ||
| CVE-2018-20664 | Cri | 0.64 | 9.8 | 0.08 | Jan 3, 2019 | Zoho ManageEngine ADSelfService Plus 5.x before build 5701 has XXE via an uploaded product license. | ||
| CVE-2018-20512 | Cri | 0.64 | 9.8 | 0.02 | Jan 3, 2019 | EPON CPE-WiFi devices 2.0.4-X000 are vulnerable to escalation of privileges by sending cooLogin=1, cooUser=admin, and timestamp=-1 cookies. | ||
| CVE-2018-19862 | Cri | 0.68 | 9.8 | 0.13 | Jan 3, 2019 | Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP POST request. NOTE: this product is discontinued. | ||
| CVE-2018-19861 | Cri | 0.68 | 9.8 | 0.13 | Jan 3, 2019 | Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP HEAD request. NOTE: this product is discontinued. | ||
| CVE-2018-19415 | Cri | 0.64 | 9.8 | 0.01 | Jan 3, 2019 | Multiple SQL injection vulnerabilities in Plikli CMS 4.0.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to join_group.php or (2) comment_id parameter to story.php. | ||
| CVE-2018-17161 | Cri | 0.64 | 9.8 | 0.04 | Jan 3, 2019 | In FreeBSD before 11.2-STABLE(r348229), 11.2-RELEASE-p7, 12.0-STABLE(r342228), and 12.0-RELEASE-p1, insufficient validation of network-provided data in bootpd may make it possible for a malicious attacker to craft a bootp packet which could cause a stack buffer overflow. It is… | ||
| CVE-2018-16879 | Cri | 0.64 | 9.8 | 0.01 | Jan 3, 2019 | Ansible Tower before version 3.3.3 does not set a secure channel as it is using the default insecure configuration channel settings for messaging celery workers from RabbitMQ. This could lead in data leak of sensitive information such as passwords as well as denial of service… | ||
| CVE-2018-17172 | Cri | 0.64 | 9.8 | 0.02 | Jan 3, 2019 | The web application on Xerox AltaLink B80xx before 100.008.028.05200, C8030/C8035 before 100.001.028.05200, C8045/C8055 before 100.002.028.05200, and C8070 before 100.003.028.05200 allows unauthenticated command injection. | ||
| CVE-2018-20114 | Cri | 0.64 | 9.8 | 0.07 | Jan 2, 2019 | On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS command execution can occur in the soap.cgi service of the cgibin binary via an "&&" substring in the service parameter. NOTE: this issue exists because of an incomplete fix for… | ||
| CVE-2018-20100 | Cri | 0.64 | 9.8 | 0.01 | Jan 2, 2019 | An issue was discovered on August Connect devices. Insecure data transfer between the August app and August Connect during configuration allows attackers to discover home Wi-Fi credentials. This data transfer uses an unencrypted access point for these credentials, and passes… | ||
| CVE-2018-19362 | Cri | 0.58 | 9.8 | 0.11 | Jan 2, 2019 | FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization. | ||
| CVE-2018-19361 | Cri | 0.58 | 9.8 | 0.11 | Jan 2, 2019 | FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization. | ||
| CVE-2018-19360 | Cri | 0.58 | 9.8 | 0.11 | Jan 2, 2019 | FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization. | ||
| CVE-2018-14721 | Cri | 0.59 | 10.0 | 0.10 | Jan 2, 2019 | FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization. | ||
| CVE-2018-14720 | Cri | 0.57 | 9.8 | 0.08 | Jan 2, 2019 | FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization. |
- risk 0.64cvss 9.8epss 0.02
In iOS before 11.2.5, macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, watchOS before 4.2.2, and tvOS before 11.2.5, a memory corruption issue exists and was addressed with improved memory handling.
- risk 0.64cvss 9.8epss 0.01
In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, an out-of-bounds read was addressed with improved input validation.
- risk 0.64cvss 9.8epss 0.02
In iCloud for Windows before 7.3, Safari before 11.0.3, iTunes before 12.7.3 for Windows, and iOS before 11.2.5, multiple memory corruption issues exist and were addressed with improved memory handling.
- risk 0.64cvss 9.8epss 0.01
In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, a logic error existed in the validation of credentials. This was addressed with improved credential validation.
- risk 0.64cvss 9.8epss 0.03
modulemd 1.3.1 and earlier uses an unsafe function for processing externally provided data, leading to remote code execution.
- risk 0.64cvss 9.8epss 0.02
In CIMTechniques CIMScan 6.x through 6.2, the SOAP WSDL parser allows attackers to execute SQL code.
- risk 0.69cvss 9.8epss 0.25
Nelson Open Source ERP v6.3.1 allows SQL Injection via the db/utils/query/data.xml query parameter.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in ShopXO 1.2.0. In the application\install\controller\Index.php file, there is no validation lock file in the Add method, which allows an attacker to reinstall the database. The attacker can write arbitrary code to database.php during system…
- risk 0.00cvss 9.8epss 0.03
Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are expired from the scroll buffer.
- risk 0.64cvss 9.8epss 0.02
PgpoolAdmin 4.0 and earlier allows remote attackers to bypass the login authentication and obtain the administrative privilege of the PostgreSQL database via unspecified vectors.
- risk 0.64cvss 9.8epss 0.02
SQL injection vulnerability in the RICOH Interactive Whiteboard D2200 V1.3 to V2.2, D5500 V1.3 to V2.2, D5510 V1.3 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.3 to V2.2 attached (D5520, D6500, D6510, D7500, D8400), and the display versions…
- risk 0.64cvss 9.8epss 0.04
RICOH Interactive Whiteboard D2200 V1.6 to V2.2, D5500 V1.6 to V2.2, D5510 V1.6 to V2.2, and the display versions with RICOH Interactive Whiteboard Controller Type1 V1.6 to V2.2 attached (D5520, D6500, D6510, D7500, D8400) allows remote attackers to execute arbitrary commands…
- risk 0.64cvss 9.8epss 0.02
LogonTracer 1.2.0 and earlier allows remote attackers to conduct Python code injection attacks via unspecified vectors.
- risk 0.73cvss 9.8epss 0.75
LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.
- risk 0.59cvss 9.1epss 0.02
Directory traversal vulnerability in Cybozu Dezie 8.0.2 to 8.1.2 allows remote attackers to read arbitrary files via HTTP requests.
- risk 0.64cvss 9.8epss 0.02
INplc-RT 3.08 and earlier allows remote attackers to bypass authentication to execute an arbitrary command through the protocol-compliant traffic. This is a different vulnerability than CVE-2018-0669.
- risk 0.64cvss 9.8epss 0.02
INplc-RT 3.08 and earlier allows remote attackers to bypass authentication to execute an arbitrary command through the protocol-compliant traffic. This is a different vulnerability than CVE-2018-0670.
- risk 0.64cvss 9.8epss 0.02
Buffer overflow in INplc-RT 3.08 and earlier allows remote attackers to cause denial-of-service (DoS) condition that may result in executing arbtrary code via unspecified vectors.
- risk 0.64cvss 9.8epss 0.04
Buffer overflow in the license management function of YOKOGAWA products (iDefine for ProSafe-RS R1.16.3 and earlier, STARDOM VDS R7.50 and earlier, STARDOM FCN/FCJ Simulator R4.20 and earlier, ASTPLANNER R15.01 and earlier, TriFellows V5.04 and earlier) allows remote attackers…
- risk 0.63cvss 9.6epss 0.02
Early free of object in use in IndexDB in Google Chrome prior to 67.0.3396.62 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
- risk 0.63cvss 9.6epss 0.02
Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
- risk 0.62cvss 9.6epss 0.01
Using an ID that can be controlled by a compromised renderer which allows any frame to overwrite the page_state of any other frame in the same process in Navigation in Google Chrome on Chrome OS prior to 62.0.3202.74 allowed a remote attacker who had compromised the renderer…
- risk 0.00cvss 9.8epss 0.02
In Traccar Server version 4.2, protocol/SpotProtocolDecoder.java might allow XXE attacks.
- risk 0.64cvss 9.8epss 0.02
D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authentication bypass.
- risk 0.65cvss 9.8epss 0.15
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server.
- risk 0.69cvss 9.8epss 0.71
A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka "Windows DHCP Client Remote Code Execution Vulnerability." This affects Windows 10, Windows 10 Servers.
- risk 0.64cvss 9.8epss 0.01
SAP Cloud Connector, before version 2.11.3, allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application.
- risk 0.64cvss 9.8epss 0.03
SAP Cloud Connector, before version 2.11.3, does not perform any authentication checks for functionalities that require user identity.
- risk 0.64cvss 9.8epss 0.02
includes/db/class.reflines_db.inc in FrontAccounting 2.4.6 contains a SQL Injection vulnerability in the reference field that can allow the attacker to grab the entire database of the application via the void_transaction.php filterType parameter.
- risk 0.57cvss 9.8epss 0.07
Apache Karaf provides a features deployer, which allows users to "hot deploy" a features XML by dropping the file directly in the deploy folder. The features XML is parsed by XMLInputFactory class. Apache Karaf XMLInputFactory class doesn't contain any mitigation codes against…
- risk 0.57cvss 9.8epss 0.02
An issue was discovered in weixin-java-tools v3.3.0. There is an XXE vulnerability in the getXmlDoc method of the BaseWxPayResult.java file. NOTE: this issue exists because of an incomplete fix for CVE-2018-20318.
- risk 0.59cvss 9.0epss 0.03
An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot BrightCloud SDK. The function bc_http_read_header incorrectly handles overlong headers, leading to arbitrary code execution. An unauthenticated attacker could impersonate a…
- risk 0.64cvss 9.8epss 0.03
Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow authentication to be configured on administrative telnet or web interfaces, which could enable various effects vectors, including conducting device resets, reading or modifying registers,…
- risk 0.59cvss 9.1epss 0.01
Rhymix CMS 1.9.8.1 allows SSRF via an index.php?module=admin&act=dispModuleAdminFileBox SVG upload.
- risk 0.65cvss 10.0epss 0.03
Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF.
- risk 0.64cvss 9.8epss 0.08
Zoho ManageEngine ADSelfService Plus 5.x before build 5701 has XXE via an uploaded product license.
- risk 0.64cvss 9.8epss 0.02
EPON CPE-WiFi devices 2.0.4-X000 are vulnerable to escalation of privileges by sending cooLogin=1, cooUser=admin, and timestamp=-1 cookies.
- risk 0.68cvss 9.8epss 0.13
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP POST request. NOTE: this product is discontinued.
- risk 0.68cvss 9.8epss 0.13
Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP HEAD request. NOTE: this product is discontinued.
- risk 0.64cvss 9.8epss 0.01
Multiple SQL injection vulnerabilities in Plikli CMS 4.0.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to join_group.php or (2) comment_id parameter to story.php.
- risk 0.64cvss 9.8epss 0.04
In FreeBSD before 11.2-STABLE(r348229), 11.2-RELEASE-p7, 12.0-STABLE(r342228), and 12.0-RELEASE-p1, insufficient validation of network-provided data in bootpd may make it possible for a malicious attacker to craft a bootp packet which could cause a stack buffer overflow. It is…
- risk 0.64cvss 9.8epss 0.01
Ansible Tower before version 3.3.3 does not set a secure channel as it is using the default insecure configuration channel settings for messaging celery workers from RabbitMQ. This could lead in data leak of sensitive information such as passwords as well as denial of service…
- risk 0.64cvss 9.8epss 0.02
The web application on Xerox AltaLink B80xx before 100.008.028.05200, C8030/C8035 before 100.001.028.05200, C8045/C8055 before 100.002.028.05200, and C8070 before 100.003.028.05200 allows unauthenticated command injection.
- risk 0.64cvss 9.8epss 0.07
On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS command execution can occur in the soap.cgi service of the cgibin binary via an "&&" substring in the service parameter. NOTE: this issue exists because of an incomplete fix for…
- risk 0.64cvss 9.8epss 0.01
An issue was discovered on August Connect devices. Insecure data transfer between the August app and August Connect during configuration allows attackers to discover home Wi-Fi credentials. This data transfer uses an unencrypted access point for these credentials, and passes…
- risk 0.58cvss 9.8epss 0.11
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.
- risk 0.58cvss 9.8epss 0.11
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.
- risk 0.58cvss 9.8epss 0.11
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.
- risk 0.59cvss 10.0epss 0.10
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.
- risk 0.57cvss 9.8epss 0.08
FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.