Max CVSS | 10.0 | Min CVSS | 4.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2018-7164 | 5.0 |
Node.js versions 9.7.0 and later and 10.x are vulnerable and the severity is MEDIUM. A bug introduced in 9.7.0 increases the memory consumed when reading from the network into JavaScript using the net.Socket object directly as a stream. An attacker c
|
29-08-2022 - 20:21 | 13-06-2018 - 16:29 | |
CVE-2018-7162 | 7.8 |
All versions of Node.js 9.x and 10.x are vulnerable and the severity is HIGH. An attacker can cause a denial of service (DoS) by causing a node process which provides an http server supporting TLS server to crash. This can be accomplished by sending
|
16-08-2022 - 13:00 | 13-06-2018 - 16:29 | |
CVE-2018-3665 | 4.7 |
System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.
|
09-06-2021 - 16:24 | 21-06-2018 - 20:29 | |
CVE-2018-9358 | 7.8 |
In gatts_process_attribute_req of gatt_sc.cc, there is a possible read of uninitialized data due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth process with no additional execution privileges needed. User
|
24-08-2020 - 17:37 | 06-11-2018 - 17:29 | |
CVE-2017-15695 | 6.5 |
When an Apache Geode server versions 1.0.0 to 1.4.0 is configured with a security manager, a user with DATA:WRITE privileges is allowed to deploy code by invoking an internal Geode function. This allows remote code execution. Code deployment should b
|
24-08-2020 - 17:37 | 13-06-2018 - 17:29 | |
CVE-2018-1393 | 4.0 |
IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.6 could allow an authenticated user to execute a specially crafted command that could obtain sensitive information. IBM X-Force ID: 138378.
|
09-10-2019 - 23:38 | 13-06-2018 - 14:29 | |
CVE-2018-1547 | 5.1 |
IBM Robotic Process Automation with Automation Anywhere 10.0 could allow a remote attacker to execute arbitrary code on the system, caused by improper output encoding in an CSV export. By persuading a victim to download the CSV export, to open it in
|
09-10-2019 - 23:38 | 07-06-2018 - 14:29 | |
CVE-2018-0352 | 7.2 |
A vulnerability in the Disk Check Tool (disk-check.sh) for Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to elevate their privilege level to root. The attacker must have valid user credentials with
|
09-10-2019 - 23:31 | 07-06-2018 - 21:29 | |
CVE-2018-9356 | 10.0 |
In bnep_data_ind of bnep_main.c, there is a possible remote code execution due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Androi
|
14-12-2018 - 21:00 | 06-11-2018 - 17:29 | |
CVE-2018-9355 | 10.0 |
In bta_dm_sdp_result of bta_dm_act.cc, there is a possible out of bounds stack write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitati
|
14-12-2018 - 21:00 | 06-11-2018 - 17:29 | |
CVE-2018-9359 | 7.8 |
In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitatio
|
14-12-2018 - 20:58 | 06-11-2018 - 17:29 | |
CVE-2018-9360 | 7.8 |
In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitatio
|
13-12-2018 - 14:15 | 06-11-2018 - 17:29 | |
CVE-2018-9361 | 7.8 |
In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitatio
|
13-12-2018 - 14:13 | 06-11-2018 - 17:29 | |
CVE-2018-9362 | 7.8 |
In processMessagePart of InboundSmsHandler.java, there is a possible remote denial of service due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed
|
12-12-2018 - 22:15 | 06-11-2018 - 17:29 | |
CVE-2018-9357 | 7.2 |
In BNEP_Write of bnep_api.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product:
|
12-12-2018 - 15:44 | 06-11-2018 - 17:29 | |
CVE-2018-5488 | 7.5 |
NetApp SANtricity Web Services Proxy versions 1.10.x000.0002 through 2.12.X000.0002 and SANtricity Storage Manager 11.30.0X00.0004 through 11.42.0X00.0001 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service bound to the
|
11-08-2018 - 17:54 | 13-06-2018 - 20:29 | |
CVE-2018-11808 | 10.0 |
Incorrect Access Control in CustomFieldsFeedServlet in Zoho ManageEngine Applications Manager Version 13 before build 13740 allows an attacker to delete any file and read certain files on the server in the context of the user (which by default is "NT
|
07-08-2018 - 01:29 | 06-06-2018 - 03:29 | |
CVE-2004-2043 | 5.0 |
Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated u
|
11-07-2017 - 01:31 | 01-05-2004 - 04:00 |