Lucene search
K

14 matches found

Vulnrichment
Vulnrichment
added 2026/05/30 2:55 p.m.10 views

CVE-2018-25414 AiOPMSD Final 1.0.0 SQL Injection via actor.php

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the actor parameter. Attackers can send GET requests to actor.php with crafted SQL payloads in the actor parameter to extract...

8.8CVSS6.1AI score0.0027EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.7 views

RHCOS 3 : OpenShift Container Platform 3.6 (RHSA-2018:3598)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:3598 advisory. - kubernetes: authentication/authorization bypass in the handling of non-101 responses CVE-2018-1002105 Note that Nessus has not tested for...

9.8CVSS7.3AI score0.86978EPSS
Exploits10References8
Tenable Nessus
Tenable Nessus
added 2026/05/04 12:0 a.m.10 views

RHCOS 3 : OpenShift Container Platform 3.5 (RHSA-2018:1235)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1235 advisory. - source-to-image: Improper path sanitization in ExtractTarStreamFromTarReader in tar/tar.go CVE-2018-1102 Note that Nessus has not tested fo...

8.8CVSS7.3AI score0.02418EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.4 views

MiracleLinux 7 : libvncserver-0.9.9-12.el7 (AXSA:2018-2817:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2018-2817:02 advisory. libvncserver: Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c CVE-2018-7225 Tenable has extracted the preceding description block...

9.8CVSS7.2AI score0.06222EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.2 views

MiracleLinux 7 : libvirt-3.9.0-14.5.0.1.el7.AXS7 (AXSA:2018-3138:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3138:01 advisory. An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of Load Tenable has extracted the...

5.5CVSS7.2AI score0.60631EPSS
Exploits2References2
SUSE CVE
SUSE CVE
added 2023/02/15 4:30 a.m.7 views

SUSE CVE-2018-6969

VMware Tools 10.x and prior before 10.3.0 contains an out-of-bounds read vulnerability in HGFS. Successful exploitation of this issue may lead to information disclosure or may allow attackers to escalate their privileges on the guest VMs. In order to be able to exploit this issue, file sharing mu...

7CVSS6.5AI score0.00395EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2022/05/13 1:50 a.m.4 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1572 more potentially affected by CVE-2018-1999043 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.12)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2018-1999043 Source advisory: OSV:GHSA-2632-H32J-6RG9...

7.5CVSS6.7AI score0.01673EPSS
Exploits0
OSV
OSV
added 2019/10/03 4:15 p.m.1 views

DEBIAN-CVE-2018-14461

The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldptlvprint...

7.5CVSS6.6AI score0.03985EPSS
Exploits0References1
Circl
Circl
added 2018/12/26 6:19 p.m.7 views

CVE-2018-0723

creationtimestamp| type| source ---|---|--- 2018-12-26 18:19:28+00:00| seen| https://t.me/cibsecurity/1782 2018-12-26 18:19:29+00:00| seen| https://t.me/cibsecurity/1783...

6.1CVSS6AI score0.00772EPSS
Exploits0References2
OSV
OSV
added 2018/12/06 11:29 p.m.3 views

CVE-2018-19927

Zenitel Norway IP-StationWeb before 4.2.3.9 allows stored XSS via the Display Name for Station Status or Account Settings, related to the goform/zFormsavechanges sipnick parameter. The password of alphaadmin for the admin account may be used for authentication in some cases...

4.8CVSS5.8AI score
Exploits0References1
Drupal
Drupal
added 2018/10/10 12:0 a.m.4 views

Lightbox2 - Critical - Cross Site Scripting - SA-CONTRIB-2018-064

The Lightbox2 module enables you to overlay images on the current page. The module did not sanitize some inputs when used in combination with a custom view leading to potential Cross Site Scripting XSS...

5.4AI score
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2018/05/23 12:0 a.m.41 views

Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2018-1647)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-1647 advisory. 1:1.7.0.181-2.6.14.8.0.1 - Update DISTRONAME in specfile 1:1.7.0.181-2.6.14.8 - added and applied 1566890embargoed20180521.patch - Resolves: rhbz1578550 Tenable...

5.5CVSS7AI score0.60631EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2018/05/16 12:0 a.m.47 views

RHEL 7 : dhcp (RHSA-2018:1456)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1456 advisory. The Dynamic Host Configuration Protocol DHCP is a protocol that allows individual devices on an IP network to get their own network configuration...

7.9CVSS8.3AI score0.94457EPSS
Exploits14References6
OSV
OSV
added 2018/03/06 9:29 p.m.5 views

CVE-2018-7737

In Z-BlogPHP 1.5.1.1740, there is Web Site physical path leakage, as demonstrated by adminfooter.php or adminfooter.php. NOTE: the software maintainer disputes that this is a vulnerability...

5.3CVSS5.8AI score0.08817EPSS
Exploits5References4
Rows per page
Query Builder