National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

    General NVD Dashboard

NVD Dashboard

CVEs Received and Processed

CVEs Received and Processed

Please Wait

Time Period New CVEs Received by NVD New CVEs Analyzed by NVD Modified CVEs Received by NVD Modified CVEs Re-analyzed by NVD
Today {{data.count}}
This Week {{data.count}}
This Month {{data.count}}
Last Month {{data.count}}
This Year {{data.count}}

CVE Status Count

Please Wait

CVE Status Count

{{data.name}} {{data.count}}

CVSS Score Spread

Please Wait

CVSS V3 Score Distribution

Severity Number of Vulns
{{data.name}} {{data.count}}

CVSS V2 Score Distribution

Severity Number of Vulns
{{data.name}} {{data.count}}
Last 20 Scored Vulnerability IDs & Summaries CVSS Severity

  • CVE-2018-16549 HScripts PHP File Browser Script v1.0 allows Directory Traversal via the index.php path parameter.
    Published: September 05, 2018; 05:29:03 PM -04:00

    V3: 5.3 MEDIUM
     V2: 5.0 MEDIUM

  • CVE-2018-17439 An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5S_extent_get_dims() in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file.
    Published: September 24, 2018; 10:29:01 AM -04:00

    V3: 6.5 MEDIUM
     V2: 4.3 MEDIUM

  • CVE-2018-17437 Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.
    Published: September 24, 2018; 10:29:01 AM -04:00

    V3: 6.5 MEDIUM
     V2: 4.3 MEDIUM

  • CVE-2018-17436 ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file.
    Published: September 24, 2018; 10:29:00 AM -04:00

    V3: 6.5 MEDIUM
     V2: 4.3 MEDIUM

  • CVE-2018-17435 A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting an HDF file to GIF file.
    Published: September 24, 2018; 10:29:00 AM -04:00

    V3: 6.5 MEDIUM
     V2: 4.3 MEDIUM

  • CVE-2018-17438 A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial... read CVE-2018-17438
    Published: September 24, 2018; 10:29:01 AM -04:00

    V3: 6.5 MEDIUM
     V2: 4.3 MEDIUM

  • CVE-2018-17050 The mintToken function of a smart contract implementation for PolyAi (AI), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
    Published: September 21, 2018; 01:29:06 PM -04:00

    V3: 7.5 HIGH
     V2: 5.0 MEDIUM

  • CVE-2018-12078 The mintToken function of a smart contract implementation for PolyAI (AI), a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the... read CVE-2018-12078
    Published: June 25, 2018; 07:29:00 AM -04:00

    V3: 7.5 HIGH
     V2: 5.0 MEDIUM

  • CVE-2018-3873 An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 128 bytes. A... read CVE-2018-3873
    Published: September 21, 2018; 10:29:00 AM -04:00

    V3: 8.8 HIGH
     V2: 9.0 HIGH

  • CVE-2018-3874 An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 32 bytes. An... read CVE-2018-3874
    Published: September 21, 2018; 10:29:00 AM -04:00

    V3: 8.8 HIGH
     V2: 9.0 HIGH

  • CVE-2018-3877 An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 160 bytes. A... read CVE-2018-3877
    Published: September 21, 2018; 10:29:00 AM -04:00

    V3: 8.8 HIGH
     V2: 9.0 HIGH

  • CVE-2018-3876 An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 64 bytes. An... read CVE-2018-3876
    Published: September 21, 2018; 10:29:00 AM -04:00

    V3: 8.8 HIGH
     V2: 9.0 HIGH

  • CVE-2018-3916 An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer,... read CVE-2018-3916
    Published: August 28, 2018; 04:29:00 PM -04:00

    V3: 7.8 HIGH
     V2: 7.2 HIGH

  • CVE-2018-3895 An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of... read CVE-2018-3895
    Published: August 28, 2018; 03:29:19 PM -04:00

    V3: 8.8 HIGH
     V2: 9.0 HIGH

  • CVE-2018-3864 An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 byt... read CVE-2018-3864
    Published: September 20, 2018; 11:29:00 AM -04:00

    V3: 8.8 HIGH
     V2: 9.0 HIGH

  • CVE-2018-3865 An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy overflows the destination buffer, which has a size of 40 byt... read CVE-2018-3865
    Published: September 20, 2018; 11:29:00 AM -04:00

    V3: 8.8 HIGH
     V2: 9.0 HIGH

  • CVE-2018-3908 An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive reques... read CVE-2018-3908
    Published: August 28, 2018; 03:29:19 PM -04:00

    V3: 7.5 HIGH
     V2: 6.4 MEDIUM

  • CVE-2018-3893 An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-contr... read CVE-2018-3893
    Published: August 27, 2018; 11:29:00 AM -04:00

    V3: 8.8 HIGH
     V2: 9.0 HIGH

  • CVE-2018-3904 An exploitable buffer overflow vulnerability exists in the camera 'update' feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlle... read CVE-2018-3904
    Published: August 27, 2018; 11:29:01 AM -04:00

    V3: 9.9 CRITICAL
     V2: 9.0 HIGH

  • CVE-2018-3918 An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers, which incor... read CVE-2018-3918
    Published: August 27, 2018; 11:29:01 AM -04:00

    V3: 7.5 HIGH
     V2: 6.4 MEDIUM