Vulnerabilities > Microsoft > Windows > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-25 | CVE-2018-1488 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM DB2 10.5/11.1 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5 and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. | 7.2 |
| 2018-04-02 | CVE-2018-6251 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver contains a vulnerability in the DirectX 10 Usermode driver, where a specially crafted pixel shader can cause writing to unallocated memory, leading to denial of service or potential code execution. | 7.2 |
| 2018-04-02 | CVE-2018-6250 | NULL Pointer Dereference vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a NULL pointer dereference occurs which may lead to denial of service or possible escalation of privileges. | 7.2 |
| 2018-04-02 | CVE-2018-6249 | NULL Pointer Dereference vulnerability in Nvidia GPU Driver NVIDIA GPU Display Driver contains a vulnerability in kernel mode layer handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges. | 7.2 |
| 2018-04-02 | CVE-2018-6248 | Out-of-bounds Read vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape where the software uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer which may lead to denial of service or possible escalation of privileges. | 7.2 |
| 2018-04-02 | CVE-2018-6247 | NULL Pointer Dereference vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a NULL pointer dereference may lead to denial of service or possible escalation of privileges. | 7.2 |
| 2018-02-15 | CVE-2017-12545 | NULL Pointer Dereference vulnerability in HP System Management Homepage A remote denial of service vulnerability in HPE System Management Homepage for Windows and Linux version prior to v7.6.1 was found. | 7.8 |
| 2018-02-12 | CVE-2016-8742 | Permissions, Privileges, and Access Controls vulnerability in Apache Couchdb 2.0.0 The Windows installer that the Apache CouchDB team provides was vulnerable to local privilege escalation. | 7.2 |
| 2017-12-16 | CVE-2017-3196 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rawether Project Rawether PCAUSA Rawether framework does not properly validate BPF data, allowing a crafted malicious BPF program to perform operations on memory outside of its typical bounds on the driver's receipt of network packets. | 7.2 |
| 2017-12-14 | CVE-2017-17671 | Path Traversal vulnerability in Vbulletin vBulletin through 5.3.x on Windows allows remote PHP code execution because a require_once call is reachable with an unauthenticated request that can include directory traversal sequences to specify an arbitrary pathname, and because ../ traversal is blocked but ..\ traversal is not blocked. | 7.5 |