Vulnerabilities > External Control of Critical State Data

DATE CVE VULNERABILITY TITLE RISK
2018-10-05 CVE-2018-15382 External Control of Critical State Data vulnerability in Cisco Hyperflex HX Data Platform 3.0(1A)
A vulnerability in Cisco HyperFlex Software could allow an unauthenticated, remote attacker to generate valid, signed session tokens.
network
low complexity
cisco CWE-642
8.6
2018-06-04 CVE-2017-0928 External Control of Critical State Data vulnerability in Theguardian Html-Janitor 2.0.2
html-janitor node module suffers from an External Control of Critical State Data vulnerability via user-control of the '_sanitized' variable causing sanitization to be bypassed.
network
low complexity
theguardian CWE-642
6.1