CVE-2017-15640
app/sections/user-menu.php in phpIPAM before 1.3.1 has XSS via the ip parameter.
Source: CVE-2017-15640
CVE-2018-10126
LibTIFF 4.0.9 has a NULL pointer dereference in the jpeg_fdct_16x16 function in jfdctint.c.
Source: CVE-2018-10126
CVE-2018-10283
CliqueMania loja virtual 14 has SQL Injection via the patch/remote.php id parameter in a recomendar action.
Source: CVE-2018-10283
CVE-2018-10284
Adaltech G-Ticket v70 EME104 has SQL Injection via the mobile-loja/mensagem.asp eve_cod parameter.
Source: CVE-2018-10284
CVE-2018-10254
Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in the disasm function of the disasm/disasm.c file. Remote attackers could leverage this vulnerability to cause a denial of service or possibly have unspecified other impact via a crafted ELF file.
Source: CVE-2018-10254
CVE-2018-10253
Paessler PRTG Network Monitor before 18.1.39.1648 mishandles stack memory during unspecified API calls.
Source: CVE-2018-10253
CVE-2018-9059
Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7.2 allows remote attackers to execute arbitrary code via a malicious login request to forum.ghp. NOTE: this may overlap CVE-2014-3791.
Source: CVE-2018-9059
CVE-2018-10175
Digital Guardian Management Console 7.1.2.0015 has an XXE issue.
Source: CVE-2018-10175
CVE-2018-10176
Digital Guardian Management Console 7.1.2.0015 has a Directory Traversal issue.
Source: CVE-2018-10176
CVE-2018-10079
Geist WatchDog Console 3.2.2 uses a weak ACL for the C:\ProgramData\WatchDog Console directory, which allows local users to modify configuration data by updating (1) config.xml or (2) servers.xml.
Source: CVE-2018-10079