Vulnerabilities > Microsoft > Windows > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-04-03 CVE-2017-13885 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
An issue was discovered in certain Apple products.
6.8
2018-04-03 CVE-2017-13884 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products
An issue was discovered in certain Apple products.
6.8
2018-04-02 CVE-2018-6253 Infinite Loop vulnerability in Nvidia GPU Driver
NVIDIA GPU Display Driver contains a vulnerability in the DirectX and OpenGL Usermode drivers where a specially crafted pixel shader can cause infinite recursion leading to denial of service.
local
low complexity
nvidia freebsd linux microsoft oracle CWE-835
4.9
2018-04-02 CVE-2018-6252 Unspecified vulnerability in Nvidia GPU Driver
NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape where the software allows an actor access to restricted functionality that is unnecessary to production usage, and which may result in denial of service.
local
low complexity
nvidia microsoft
4.9
2018-03-25 CVE-2018-7719 Path Traversal vulnerability in Acrolinx Server
Acrolinx Server before 5.2.5 on Windows allows Directory Traversal.
network
low complexity
acrolinx microsoft CWE-22
5.0
2018-03-22 CVE-2018-1426 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in IBM DB2
IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) duplicates the PRNG state across fork() system calls when multiple ICC instances are loaded, which could result in duplicate Session IDs and a risk of duplicate key material.
network
low complexity
ibm linux microsoft CWE-335
6.4
2018-03-22 CVE-2017-1677 Deserialization of Untrusted Data vulnerability in IBM DB2
IBM Data Server Driver for JDBC and SQLJ (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) deserializes the contents of /tmp/connlicj.bin which leads to object injection and potentially arbitrary code execution depending on the classpath.
local
low complexity
ibm linux microsoft CWE-502
4.6
2018-03-04 CVE-2018-7449 Improper Input Validation vulnerability in Segger Embos/Ip FTP Server 3.22
SEGGER FTP Server for Windows before 3.22a allows remote attackers to cause a denial of service (daemon crash) via an invalid LIST, STOR, or RETR command.
network
low complexity
segger microsoft CWE-20
5.0
2018-02-18 CVE-2018-7212 Path Traversal vulnerability in Sinatrarb Sinatra 2.0.0/2.0.1
An issue was discovered in rack-protection/lib/rack/protection/path_traversal.rb in Sinatra 2.x before 2.0.1 on Windows.
network
low complexity
sinatrarb microsoft CWE-22
5.0
2018-02-15 CVE-2017-12553 Unspecified vulnerability in HP System Management Homepage
A local authentication bypass vulnerability was found in HPE System Management Homepage for Windows and Linux in versions prior to v7.6.1.
local
high complexity
hp linux microsoft
5.5