NIST National Vulnerability Database

  • CVE-2018-5728
    Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information via a /cgi-bin/getSysStatus request, as demonstrated by the Latitude/Longitude of the ship, or satellite details. ... Read more ...
    Source: NIST NVDPublished on 2018-01-16
  • CVE-2018-5299
    A stack-based Buffer Overflow Vulnerability exists in the web server in Pulse Secure Pulse Connect Secure (PCS) before 8.3R4 and Pulse Policy Secure (PPS) before 5.4R4, leading to memory corruption and possibly remote code execution. ... Read more ...
    Source: NIST NVDPublished on 2018-01-16
  • CVE-2018-5723
    MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of cat1029 for the root account. ... Read more ...
    Source: NIST NVDPublished on 2018-01-16
  • CVE-2018-5724
    MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Download and Upload, as demonstrated by restore.cgi. ... Read more ...
    Source: NIST NVDPublished on 2018-01-16
  • CVE-2018-5726
    MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain sensitive information via a crafted HTTP request, as demonstrated by the username, password, and configuration settings. ... Read more ...
    Source: NIST NVDPublished on 2018-01-16
  • CVE-2018-5727
    In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function (openjp2/t1.c). Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file. ... Read more ...
    Source: NIST NVDPublished on 2018-01-16
  • CVE-2018-5725
    MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Change, as demonstrated by the port number of the web server. ... Read more ...
    Source: NIST NVDPublished on 2018-01-16
  • CVE-2017-17947
    A cross site scripting issue has been found in custompage.cgi in Pulse Secure Pulse Connect Secure (PCS) before 8.0R17.0, 8.1.x before 8.1R13, 8.2.x before 8.2R9, and 8.3.x before 8.3R3 and Pulse Policy Secure (PPS) before 5.2R10, 5.3.x before 5.3R9, and 5.4.x before 5.4R3 due to one of the URL parameters ... Read more ...
    Source: NIST NVDPublished on 2018-01-16
  • CVE-2018-1000004
    In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlock and denial of service condition. ... Read more ...
    Source: NIST NVDPublished on 2018-01-16
  • CVE-2018-5715
    phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in the query string (aka a $key variable). ... Read more ...
    Source: NIST NVDPublished on 2018-01-16