Vulnerabilities > Microsoft > Windows > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-09 | CVE-2018-1834 | Link Following vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to escalate their privileges to root through a symbolic link attack. | 7.2 |
| 2018-11-09 | CVE-2018-1781 | Link Following vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to obtain root access by exploiting a symbolic link attack to read/write/corrupt a file that they originally did not have permission to access. | 7.2 |
| 2018-11-09 | CVE-2018-1780 | Link Following vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local db2 instance owner to obtain root access by exploiting a symbolic link attack to read/write/corrupt a file that they originally did not have permission to access. | 7.2 |
| 2018-10-05 | CVE-2018-0438 | Improper Privilege Management vulnerability in Cisco Umbrella Enterprise Roaming Client A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local attacker to elevate privileges to Administrator. | 7.2 |
| 2018-10-05 | CVE-2018-0437 | Improper Privilege Management vulnerability in Cisco products A vulnerability in the Cisco Umbrella Enterprise Roaming Client (ERC) could allow an authenticated, local attacker to elevate privileges to Administrator. | 7.2 |
| 2018-09-25 | CVE-2018-12848 | Out-of-bounds Write vulnerability in Adobe Acrobat DC and Acrobat Reader DC Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds write vulnerability. | 7.5 |
| 2018-08-30 | CVE-2018-15363 | Out-of-bounds Read vulnerability in Trendmicro products An Out-of-Bounds Read Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. | 7.2 |
| 2018-08-30 | CVE-2018-10514 | Improper Privilege Management vulnerability in Trendmicro products A Missing Impersonation Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. | 7.2 |
| 2018-08-30 | CVE-2018-10513 | Deserialization of Untrusted Data vulnerability in Trendmicro products A Deserialization of Untrusted Data Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. | 7.2 |
| 2018-08-29 | CVE-2018-12828 | Unspecified vulnerability in Adobe Flash Player Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. | 7.5 |