CVE-2018-13844
An issue has been found in HTSlib 1.8. It is a memory leak in fai_read in faidx.c.
Source: CVE-2018-13844
[월:] 2018년 07월
CVE-2018-2427
CVE-2018-2427
SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, and SAP Crystal Reports (version for Visual Studio .NET, Version 2010) allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application.
Source: CVE-2018-2427
CVE-2018-13850
CVE-2018-13850
The "Firebase Cloud Messaging (FCM) + Advance Admin Panel" component supporting Firebase Push Notification on iOS (through 2017-10-26) allows SQL injection via the /advance_push/public/login username parameter.
Source: CVE-2018-13850
CVE-2018-2431
CVE-2018-2431
SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Source: CVE-2018-2431
CVE-2018-13848
CVE-2018-13848
An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StszAtom::GetSampleSize in Core/Ap4StszAtom.cpp.
Source: CVE-2018-13848
CVE-2018-13849
CVE-2018-13849
edit_requests.php in yTakkar Instagram-clone through 2018-04-23 has XSS via an onmouseover payload because of an inadequate XSS protection mechanism based on preg_replace.
Source: CVE-2018-13849
CVE-2018-13847
CVE-2018-13847
An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StcoAtom::AdjustChunkOffsets in Core/Ap4StcoAtom.cpp.
Source: CVE-2018-13847
CVE-2018-13845
CVE-2018-13845
An issue has been found in HTSlib 1.8. It is a buffer over-read in sam_parse1 in sam.c.
Source: CVE-2018-13845
CVE-2018-10891
CVE-2018-10891
A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, 3.1.13. When a quiz question bank is imported, it was possible for the question preview that is displayed to execute JavaScript that is written into the question bank.
Source: CVE-2018-10891
CVE-2018-2433
CVE-2018-2433
SAP Gateway (SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49 and 7.53) allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.
Source: CVE-2018-2433