Max CVSS 6.8 Min CVSS 3.5 Total Count10
IDCVSSSummaryLast (major) updatePublished
CVE-2018-14059 3.5
Pimcore allows XSS via Users, Assets, Data Objects, Video Thumbnails, Image Thumbnails, Field-Collections, Objectbrick, Classification Store, Document Types, Predefined Properties, Predefined Asset Metadata, Quantity Value, and Static Routes function
25-08-2018 - 06:29 24-08-2018 - 18:29
CVE-2018-14058 4.0
Pimcore before 5.3.0 allows SQL Injection via the REST web service API.
17-08-2018 - 14:29 17-08-2018 - 14:29
CVE-2018-14057 6.8
Pimcore before 5.3.0 allows remote attackers to conduct cross-site request forgery (CSRF) attacks by leveraging validation of the X-pimcore-csrf-token anti-CSRF token only in the "Settings > Users / Roles" function.
17-08-2018 - 14:29 17-08-2018 - 14:29
CVE-2018-15172 5.0
TP-Link WR840N devices have a buffer overflow via a long Authorization HTTP header.
15-08-2018 - 13:29 15-08-2018 - 13:29
CVE-2018-15142 6.5
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to execute arbitrary PHP code by writing a file with a PHP extension via the "docid" and "content" pa
13-08-2018 - 14:29 13-08-2018 - 14:29
CVE-2018-15141 5.5
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to delete arbitrary files via the "docid" parameter when the mode is set to delete.
13-08-2018 - 14:29 13-08-2018 - 14:29
CVE-2018-15140 4.0
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to read arbitrary files via the "docid" parameter when the mode is set to get.
13-08-2018 - 14:29 13-08-2018 - 14:29
CVE-2018-12293 6.8
The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.3 and WPE WebKit prior to version 2.20.1, is vulnerable to a heap-based buffer over
19-06-2018 - 17:29 19-06-2018 - 17:29
CVE-2016-0778 4.6
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows r
16-02-2017 - 21:59 14-01-2016 - 17:59
CVE-2016-0777 4.0
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading
16-02-2017 - 21:59 14-01-2016 - 17:59
Back to Top Mark selected
Back to Top