Max CVSS 7.9 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2018-8088 7.5
org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data.
29-03-2021 - 03:15 20-03-2018 - 16:29
CVE-2018-5968 6.8
FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets
21-01-2021 - 16:22 22-01-2018 - 04:29
CVE-2018-1073 5.0
The web console login form in ovirt-engine before version 4.2.3 returned different errors for non-existent users and invalid passwords, allowing an attacker to discover the names of valid user accounts.
08-12-2020 - 01:03 19-06-2018 - 12:29
CVE-2018-7750 7.5
transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is co
15-10-2020 - 13:31 13-03-2018 - 18:29
CVE-2017-12196 4.3
undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was found vulnerable when using Digest authentication, the server does not ensure that the value of URI in the Authorization header matches the URI in HTTP request line. This allows the a
09-10-2019 - 23:22 18-04-2018 - 01:29
CVE-2018-1111 7.9
DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network ab
03-10-2019 - 00:03 17-05-2018 - 16:29
Back to Top Mark selected
Back to Top