CVE-2018-1129
- EPSS 1.9%
- Veröffentlicht 10.07.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:59:15
A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Cep...
CVE-2018-10892
- EPSS 1.14%
- Veröffentlicht 06.07.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:14
The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling bluetooth or turning up/down keyboard brightn...
CVE-2018-3760
- EPSS 26.72%
- Veröffentlicht 26.06.2018 19:29:00
- Zuletzt bearbeitet 21.11.2024 04:06:01
There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower. Specially crafted requests can be used to access files that exists on the filesystem that is outside an application'...
CVE-2018-3665
- EPSS 0.61%
- Veröffentlicht 21.06.2018 20:29:00
- Zuletzt bearbeitet 21.11.2024 04:05:51
System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.
CVE-2018-10850
- EPSS 1.57%
- Veröffentlicht 13.06.2018 20:29:00
- Zuletzt bearbeitet 21.11.2024 03:42:08
389-ds-base before versions 1.4.0.10, 1.3.8.3 is vulnerable to a race condition in the way 389-ds-base handles persistent search, resulting in a crash if the server is under load. An anonymous attacker could use this flaw to trigger a denial of servi...
CVE-2018-5184
- EPSS 1.8%
- Veröffentlicht 11.06.2018 21:29:16
- Zuletzt bearbeitet 21.11.2024 04:08:17
Using remote content in encrypted messages can lead to the disclosure of plaintext. This vulnerability affects Thunderbird ESR < 52.8 and Thunderbird < 52.8.
CVE-2018-5117
- EPSS 2.39%
- Veröffentlicht 11.06.2018 21:29:13
- Zuletzt bearbeitet 25.11.2025 17:50:16
If right-to-left text is used in the addressbar with left-to-right alignment, it is possible in some circumstances to scroll this text to spoof the displayed URL. This issue could result in the wrong URL being displayed as a location, which can misle...
CVE-2017-7848
- EPSS 1.76%
- Veröffentlicht 11.06.2018 21:29:12
- Zuletzt bearbeitet 21.11.2024 03:32:47
RSS fields can inject new lines into the created email structure, modifying the message body. This vulnerability affects Thunderbird < 52.5.2.
CVE-2018-5091
- EPSS 3.39%
- Veröffentlicht 11.06.2018 21:29:12
- Zuletzt bearbeitet 25.11.2025 17:50:16
A use-after-free vulnerability can occur during WebRTC connections when interacting with the DTMF timers. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 52.6 and Firefox < 58.
CVE-2018-5095
- EPSS 4.27%
- Veröffentlicht 11.06.2018 21:29:12
- Zuletzt bearbeitet 25.11.2025 17:50:16
An integer overflow vulnerability in the Skia library when allocating memory for edge builders on some systems with at least 8 GB of RAM. This results in the use of uninitialized memory, resulting in a potentially exploitable crash. This vulnerabilit...