Max CVSS 7.6 Min CVSS 4.0 Total Count10
IDCVSSSummaryLast (major) updatePublished
CVE-2018-15142 6.5
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to execute arbitrary PHP code by writing a file with a PHP extension via the "docid" and "content" pa
13-08-2018 - 14:29 13-08-2018 - 14:29
CVE-2018-15141 5.5
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to delete arbitrary files via the "docid" parameter when the mode is set to delete.
13-08-2018 - 14:29 13-08-2018 - 14:29
CVE-2018-15140 4.0
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to read arbitrary files via the "docid" parameter when the mode is set to get.
13-08-2018 - 14:29 13-08-2018 - 14:29
CVE-2018-14847 6.4
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
02-08-2018 - 03:29 02-08-2018 - 03:29
CVE-2018-8298 7.6
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8242, CVE-201
10-07-2018 - 20:29 10-07-2018 - 20:29
CVE-2018-8291 7.6
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This
10-07-2018 - 20:29 10-07-2018 - 20:29
CVE-2018-8288 7.6
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This
10-07-2018 - 20:29 10-07-2018 - 20:29
CVE-2018-8279 7.6
A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8125, CVE-2018-
10-07-2018 - 20:29 10-07-2018 - 20:29
CVE-2018-11510 5.0
The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution vulnerability in the portal/apis/aggrecate_js.cgi file by embedding OS commands in the 'script' parameter.
28-06-2018 - 10:29 28-06-2018 - 10:29
CVE-2018-12293 6.8
The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.3 and WPE WebKit prior to version 2.20.1, is vulnerable to a heap-based buffer over
19-06-2018 - 17:29 19-06-2018 - 17:29
Back to Top Mark selected
Back to Top