EPSON Printers Open Redirect (CVE-2018-0688)

Open redirect vulnerability in SEIKO EPSON printers and scanners DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September 4, EP-30VA firmware versions released prior to 2017 Jun...

CVE-2024-5760

The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of privilege allowing the creation of a reverse shell in the tool. This is only applicable for products in the application released or manufactured before 2018...

CVE-2024-5760

The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of privilege allowing the creation of a reverse shell in the tool. This is only applicable for products in the application released or manufactured before 2018...

CVE-2024-5760

The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of privilege allowing the creation of a reverse shell in the tool. This is only applicable for products in the application released or manufactured before 2018...

CVE-2024-5760

The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of privilege allowing the creation of a reverse shell in the tool. This is only applicable for products in the application released or manufactured before 2018...

Samsung Universal Print Driver for Windows–Potential Escalation of Privilege

The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of privilege allowing the creation of a reverse shell in the tool. This is only applicable for products in the application released or manufactured before 2018. Update your printer software...

SUSE CVE-2018-3691

Some implementations in Intel Integrated Performance Primitives Cryptography Library before version 2018 U3.1 do not properly ensure constant execution time...

ViaBTC Exchange Server Digital Error Vulnerability

ViaBTC Exchange Server is a backend engine dedicated to cryptocurrency trading. An integer overflow vulnerability exists in the utils/utwssvr.c file in versions of ViaBTC Exchange Server prior to 2018-08-21. An attacker could exploit this vulnerability to cause memory corruption...

PYSEC-2019-219

Recommender before 2018-07-18 allows XSS...

CuppaCMS SQL Injection Vulnerability

CuppaCMS is a content management system CMS. A SQL injection vulnerability exists in the administrator/classes/ajax/functions.php file in CuppaCMS 2018-11-12 and earlier versions. A remote attacker can exploit the vulnerability to execute SQL commands with the help of 'referenceid' parameter...

Google Monorail Cross-Site Search Vulnerability (CNVD-2018-23926)

Google Monorail is an issue tracker from Google USA. A security vulnerability exists in versions of Google Monorail prior to 2018-05-04. An attacker can exploit the vulnerability to obtain sensitive information about bug reports...

translate man cross-site scripting vulnerability

translate man is a browser plugin that can call the Google Translate interface. A cross-site scripting vulnerability exists in versions of translate man prior to 2018-08-21. A remote attacker can exploit the vulnerability to execute malicious code with the help of the...

WAVM Buffer Overflow Vulnerability

WAVM is the WebAssembly Virtual Machine. A buffer overflow vulnerability exists in the 'FunctionValidationContext::popAndValidateOperand' function in WAVM 2018-07-26 and earlier versions, which can be exploited by an attacker by sending a specially crafted file to WAVM This can be exploited to...

Android Qualcomm fwlog information disclosure vulnerability

Android on Google Pixel and Nexus is an open source Linux-based operating system for the Google Pixel and Nexus smartphones developed by Google Inc. and the Open Handheld Alliance OHA.Qualcomm fwlog is one of the firewall logging component. An information disclosure vulnerability exists in Qualco...

Linaro LAVA Arbitrary File Download Vulnerability

Linaro LAVA is an automated verification system. The system is primarily used to test the deployment of device systems based on ARM cores. A security vulnerability exists in Linaro LAVA versions prior to 2018.5.post1, which stems from the program's support for file: URLs.An attacker could use thi...

CVE-2018-6254

In Android before the 2018-05-05 security patch level, NVIDIA Media Server contains an out-of-bounds read due to improper input validation vulnerability which could lead to local information disclosure. This issue is rated as moderate. Android: A-64340684. Reference: N-CVE-2018-6254...

Ipswitch WhatsUp Gold Server-Side Request Forgery Vulnerability

Ipswitch WhatsUp Gold is a suite of unified infrastructure and application monitoring software from Ipswitch USA. The software supports management of network, server, virtual environment and application performance, among other things. A server-side request forgery vulnerability exists in the...

Google Android buffer out-of-bounds read vulnerability (CNVD-2018-10127)

Android is a Linux-based open-source operating system jointly developed by Google and the Open Handheld Alliance OHA, and Qualcomm MSM8909W is a central processing unit CPU product of Qualcomm. A buffer out-of-bounds read vulnerability exists in the Qualcomm closed-source component in Android...

Design/Logic Flaw

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808, and SD 810, in the function "CertificateCreateWithBuffer" in the QSEE app TQS, in case of memory allocation failure, we free the memory and return the pointer...

Design/Logic Flaw

On Hoermann BiSecur devices before 2018, a vulnerability can be exploited by recording a single radio transmission. An attacker can intercept an arbitrary radio frame exchanged between a BiSecur transmitter and a receiver to obtain the encrypted packet and the 32-bit serial number. The intercepti...