4666 matches found
Integer overflow
Teluu PJSIP version 2.7.1 and earlier contains a Integer Overflow vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2...
CVE-2018-1000098
Teluu PJSIP version 2.7.1 and earlier contains a Integer Overflow vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2...
CVE-2018-1000099
CVE-2018-1000099 affects Teluu PJSIP up to version 2.7.1, where a null/uninitialized pointer vulnerability in pjmedia SDP parsing can crash a system. Exploitation is tied to processing specially crafted SDP messages; the issue is stated to be fixed in PJSIP 2.7.2. Connected advisories reference D...
CVE-2018-1000099
Removed by vendor...
Solaris 10 (sparc) : 151355-01
Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: CPU performance counters CPC drivers. Supported versions that are affected are 10 and 11.1. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability c...
Solaris 10 (sparc) : 149075-01
Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Print Filter Utility. Supported versions that are affected are 9, 10 and 11.1. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in...
Solaris 10 (sparc) : 150400-52
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris...
Solaris 10 (sparc) : 150400-51
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris...
Solaris 10 (sparc) : 147673-11
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Oracle Java Web Console. The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Solaris executes to compromise...
Solaris 10 (x86) : 150158-01
Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Remote Procedure Call RPC. Supported versions that are affected are 8, 9, 10 and 11.1. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can...
Solaris 10 (x86) : 150401-59
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. The supported version that is affected is 10. Easily exploitable vulnerability allows unauthenticated attacker with network access via ICMP to compromise Solaris. Successful attacks of this...
Solaris 10 (sparc) : 150400-11
Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Kernel. Supported versions that are affected are 10 and 11.1. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized...
Solaris 10 (x86) : 150401-53
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Kernel. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Solaris executes to compromise Solaris...
CVE-2018-1000118
Github Electron version Electron 1.8.2-beta.4 and earlier contains a Command Injection vulnerability in Protocol Handler that can result in command execute. This attack appear to be exploitable via the victim opening an electron protocol handler in their browser. This vulnerability appears to hav...
CVE-2018-1000118
Github Electron version Electron 1.8.2-beta.4 and earlier contains a Command Injection vulnerability in Protocol Handler that can result in command execute. This attack appear to be exploitable via the victim opening an electron protocol handler in their browser. This vulnerability appears to hav...
CVE-2018-1000078
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Cross Site Scripting XSS vulnerability in gem server display of homepage attribute that can...
LimeSurvey < 3.3.1 CSRF Vulnerability
LimeSurvey contains a Cross ite Request Forgery CSRF vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Schneider Electric IGSS Mobile
CVSS v3 6.4 ATTENTION: Locally exploitable/low skill level to exploit. Vendor: Schneider Electric Equipment: IGSS Mobile Vulnerabilities: Improper Certificate Validation, Plaintext Storage of a Password AFFECTED PRODUCTS Schneider Electric reports that the vulnerabilities affect the following IGS...
CVE-2018-1000052
fmtlib version prior to version 4.1.0 before commit 0555cea5fc0bf890afe0071a558e44625a34ba85 contains a Memory corruption SIGSEGV, CWE-134 vulnerability in fmt::print library function that can result in Denial of Service. This attack appear to be exploitable via Specifying an invalid format...
Improper access control
Jerome Gamez Firebase Admin SDK for PHP version from 3.2.0 to 3.8.0 contains a Incorrect Access Control vulnerability in src/Firebase/Auth/IdTokenVerifier.php does not verify for token signature that can result in JWT with any email address and user ID could be forged from an actual token, or fro...