| 2018-07-10 | CVE-2018-3693 | Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. | 5.6 |
| 2018-07-05 | CVE-2018-8026 | XXE vulnerability in multiple products
This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion (XXE) in Solr config files (currency.xml, enumsConfig.xml referred from schema.xml, TIKA parsecontext config file). | 5.5 |
| 2018-06-22 | CVE-2017-7568 | Information Exposure vulnerability in Netapp Oncommand Unified Manager 5.1/5.2.1/5.2.2
NetApp OnCommand Unified Manager for 7-Mode (core package) versions prior to 5.2.3 may disclose sensitive LDAP account information to authenticated users when the LDAP authentication configuration is tested via the user interface. | 5.3 |
| 2018-06-11 | CVE-2018-12099 | Cross-site Scripting vulnerability in multiple products
Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links. | 6.1 |
| 2018-06-07 | CVE-2018-3721 | lodash node module before 4.17.5 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via defaultsDeep, merge, and mergeWith functions, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects. | 6.5 |
| 2018-05-16 | CVE-2018-11212 | Divide By Zero vulnerability in multiple products
An issue was discovered in libjpeg 9a and 9d. | 6.5 |
| 2018-05-07 | CVE-2018-1413 | Cross-site Scripting vulnerability in multiple products
IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. | 5.4 |
| 2018-04-29 | CVE-2018-10547 | Cross-site Scripting vulnerability in multiple products
An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. | 6.1 |
| 2018-04-29 | CVE-2018-10545 | Information Exposure vulnerability in multiple products
An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. | 4.7 |
| 2018-04-19 | CVE-2018-2846 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). | 4.9 |