| Max CVSS | 7.8 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-11770 | 4.9 |
From version 1.3.0 onward, Apache Spark's standalone master exposes a REST API for job submission, in addition to the submission mechanism used by spark-submit. In standalone, the config property 'spark.authenticate.secret' establishes a shared secre
|
10-06-2024 - 19:15 | 13-08-2018 - 16:29 | |
| CVE-2016-4975 | 4.3 |
Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or valu
|
06-06-2021 - 11:15 | 14-08-2018 - 12:29 | |
| CVE-2018-5235 | 4.4 |
Norton Utilities (prior to 16.0.3.44) may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Dependi
|
24-08-2020 - 17:37 | 22-08-2018 - 17:29 | |
| CVE-2018-2451 | 6.0 |
XS Command-Line Interface (CLI) user sessions with the SAP HANA Extended Application Services (XS), version 1, advanced server may have an unintentional prolonged period of validity. Consequently, a platform user could access controller resources via
|
24-08-2020 - 17:37 | 14-08-2018 - 16:29 | |
| CVE-2018-2441 | 5.5 |
Under certain conditions the SAP Change and Transport System (ABAP), SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49, 7.53 and 7.73, allows an attac
|
24-08-2020 - 17:37 | 14-08-2018 - 16:29 | |
| CVE-2018-15209 | 6.8 |
ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated
|
24-08-2020 - 17:37 | 08-08-2018 - 04:29 | |
| CVE-2018-0410 | 7.8 |
A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliances could allow an unauthenticated, remote attacker to exhaust system memory and cause a denial of service (DoS) condition on an affected system. T
|
09-10-2019 - 23:32 | 15-08-2018 - 20:29 | |
| CVE-2018-6973 | 7.2 |
VMware Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds write vulnerability in the e1000 device. This issue may allow a guest to execute code on the host.
|
15-10-2018 - 18:35 | 15-08-2018 - 12:29 | |
| CVE-2018-13392 | 4.3 |
Several resources in Atlassian Fisheye and Crucible before version 4.6.0 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in linked issue keys.
|
10-10-2018 - 16:24 | 13-08-2018 - 13:29 | |
| CVE-2004-2417 | 7.5 |
Format string vulnerability in smtp.c for smtp.proxy 1.1.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the (1) client hostname or (2) message-id, which are injected into a syslog message.
|
11-07-2017 - 01:31 | 31-12-2004 - 05:00 |