Max CVSS | 7.2 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2018-15687 | 6.9 |
A race condition in chown_one() of systemd allows an attacker to cause systemd to set arbitrary permissions on arbitrary files. Affected releases are systemd versions up to and including 239.
|
20-04-2023 - 18:38 | 26-10-2018 - 14:29 | |
CVE-2018-3970 | 2.1 |
An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory dis
|
02-02-2023 - 13:47 | 25-10-2018 - 18:29 | |
CVE-2018-3971 | 7.2 |
An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting
|
02-02-2023 - 13:43 | 25-10-2018 - 18:29 | |
CVE-2018-15688 | 5.8 |
A buffer overflow vulnerability in the dhcp6 client of systemd allows a malicious dhcp6 server to overwrite heap memory in systemd-networkd. Affected releases are systemd: versions up to and including 239.
|
31-01-2022 - 18:30 | 26-10-2018 - 14:29 | |
CVE-2018-15686 | 7.2 |
A vulnerability in unit_deserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affec
|
31-01-2022 - 18:27 | 26-10-2018 - 14:29 | |
CVE-2018-18566 | 5.0 |
The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allow remote attackers to obtain sensitive phone configuration information by leveraging use with an on-premise installation with Skype for Business.
|
15-06-2021 - 15:04 | 24-10-2018 - 22:29 | |
CVE-2018-14665 | 7.2 |
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate the
|
22-10-2019 - 23:15 | 25-10-2018 - 20:29 | |
CVE-2018-1541 | 3.5 |
IBM WebSphere Commerce Enterprise V7, V8, and V9 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials discl
|
09-10-2019 - 23:38 | 24-10-2018 - 12:29 | |
CVE-2018-11785 | 4.0 |
Missing authorization check in Apache Impala before 3.0.1 allows a Kerberos-authenticated but unauthorized user to inject random data into a running query, leading to wrong results for a query.
|
03-10-2019 - 00:03 | 24-10-2018 - 20:29 | |
CVE-2004-0609 | 5.0 |
rssh 2.0 through 2.1.x expands command line arguments before entering a chroot jail, which allows remote authenticated users to determine the existence of files in a directory outside the jail.
|
11-07-2017 - 01:30 | 06-12-2004 - 05:00 |