Writeup Exploits

62,858 exploits tracked across all sources.

CVE-2018-11596 WRITEUP MEDIUM
Espruino < 1.99 - Denial of Service via Buffer Overflow in Syntax Parser
Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via a Buffer Overflow during syntax parsing because a check for '\0' is made for the wrong array element in jsvar.c.
CVSS 5.5
CVE-2018-11595 WRITEUP HIGH
Espruino < 1.99 - Denial of Service and Privilege Escalation via Buffer Overflow in Syntax Parser
Espruino before 1.99 allows attackers to cause a denial of service (application crash) and a potential Escalation of Privileges with a user crafted input file via a Buffer Overflow during syntax parsing, because strncat is misused.
CVSS 7.8
CVE-2018-11594 WRITEUP MEDIUM
Espruino < 1.99 - Denial of Service via Buffer Overflow in jsparse.c VOID Token Parsing
Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via a Buffer Overflow during syntax parsing of "VOID" tokens in jsparse.c.
CVSS 5.5
CVE-2018-11593 WRITEUP HIGH
Espruino < 1.99 - Denial of Service and Information Disclosure via Buffer Overflow in jslex.c
Espruino before 1.99 allows attackers to cause a denial of service (application crash) and potential Information Disclosure with a user crafted input file via a Buffer Overflow during syntax parsing because strncpy is misused in jslex.c.
CVSS 7.1
CVE-2018-11592 WRITEUP MEDIUM
Espruino < 1.98 - Denial of Service via Out-of-bounds Read in Graphics Library
Espruino before 1.98 allows attackers to cause a denial of service (application crash) with a user crafted input file via an Out-of-bounds Read during syntax parsing in which certain height validation is missing in libs/graphics/jswrap_graphics.c.
CVSS 5.5
CVE-2018-11591 WRITEUP MEDIUM
Espruino < 1.98 - Denial of Service via NULL Pointer Dereference in Syntax Parser
Espruino before 1.98 allows attackers to cause a denial of service (application crash) with a user crafted input file via a NULL pointer dereference during syntax parsing. This was addressed by adding validation for a debug trace print statement in jsvar.c.
CVSS 5.5
CVE-2018-11590 WRITEUP MEDIUM
Espruino < 1.99 - Denial of Service via Integer Overflow in Syntax Parser
Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via an integer overflow during syntax parsing. This was addressed by fixing stack size detection on Linux in jsutils.c.
CVSS 5.5
CVE-2018-11628 WRITEUP MEDIUM
EMS Master Calendar < 8.0.0.201805210 - Cross-Site Scripting via URL Parameters
Data input into EMS Master Calendar before 8.0.0.201805210 via URL parameters is not properly sanitized, allowing malicious attackers to send a crafted URL for XSS.
CVSS 6.1
CVE-2018-11631 WRITEUP MEDIUM
Rondaful M1 Wristband Smart Band 1 - Info Disclosure
Rondaful M1 Wristband Smart Band 1 devices allow remote attackers to send an arbitrary number of call or SMS notifications via crafted Bluetooth Low Energy (BLE) traffic.
CVSS 4.3
CVE-2018-11647 WRITEUP MEDIUM
oauth2orize-fprm < 0.2.1 - Cross-Site Scripting via Crafted URL
index.js in oauth2orize-fprm before 0.2.1 has XSS via a crafted URL.
CVSS 6.1
CVE-2018-11652 WRITEUP CRITICAL
Nikto < 2.1.6 - CSV Injection via Server Field in HTTP Response Header
CSV Injection vulnerability in Nikto 2.1.6 and earlier allows remote attackers to inject arbitrary OS commands via the Server field in an HTTP response header, which is directly injected into a CSV report.
CVSS 9.8
CVE-2018-11813 WRITEUP HIGH
libjpeg 9c - Denial of Service via Excessive Iteration in read_pixel
libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF.
CVSS 7.5
CVE-2018-12018 WRITEUP HIGH
Go Ethereum < 1.8.11 - Denial of Service via LES GetBlockHeadersMsg Integer Signedness Error
The GetBlockHeadersMsg handler in the LES protocol implementation in Go Ethereum (aka geth) before 1.8.11 may lead to an access violation because of an integer signedness error for the array index, which allows attackers to launch a Denial of Service attack by sending a packet with a -1 query.Skip value. The vulnerable remote node would be crashed by such an attack immediately, aka the EPoD (Ethereum Packet of Death) issue.
CVSS 7.5
CVE-2018-12019 WRITEUP HIGH
Enigmail < 2.0.7 - Cryptographic Signature Spoofing via Crafted Primary User IDs
The signature verification routine in Enigmail before 2.0.7 interprets user ids as status/control messages and does not correctly keep track of the status of multiple signatures, which allows remote attackers to spoof arbitrary email signatures via public keys containing crafted primary user ids.
CVSS 7.5
CVE-2018-12020 WRITEUP HIGH
GnuPG < 2.2.8 - Info Disclosure
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes.
CVSS 7.5
CVE-2018-12022 WRITEUP HIGH
FasterXML jackson-databind < 2.7.9.4, 2.8.11.2, 2.9.6 - Code Injection
An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. If Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in the classpath, and an attacker can provide an LDAP service for it to access, it is possible to make the service execute a malicious payload.
CVSS 7.5
CVE-2018-12023 WRITEUP HIGH
FasterXML jackson-databind < 2.7.9.4, 2.8.11.2, 2.9.6 - Code Injection
An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. If Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service for it to access, it is possible to make the service execute a malicious payload.
CVSS 7.5