Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-03-05 CVE-2018-7716 Unspecified vulnerability in Privatevpn 2.0.31
PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability with its com.privat.vpn.helper privileged helper tool.
network
low complexity
privatevpn
critical
 9.8
9.8
2018-03-05 CVE-2018-7715 Unspecified vulnerability in Privatevpn 2.0.31
PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability with its com.privat.vpn.helper privileged helper tool.
network
low complexity
privatevpn
critical
 9.8
9.8
2018-03-05 CVE-2018-7493 Unspecified vulnerability in Cactusvpn
CactusVPN through 6.0 for macOS suffers from a root privilege escalation vulnerability in its privileged helper tool.
network
low complexity
cactusvpn
critical
 9.8
9.8
2018-03-05 CVE-2017-18215 Out-of-bounds Write vulnerability in multiple products
xvpng.c in xv 3.10a has memory corruption (out-of-bounds write) when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length value.
network
low complexity
xv-project opensuse CWE-787
critical
 9.8
9.8
2018-03-05 CVE-2018-5455 Improper Authentication vulnerability in Moxa products
A Reliance on Cookies without Validation and Integrity Checking issue was discovered in Moxa OnCell G3100-HSPA Series version 1.4 Build 16062919 and prior.
network
low complexity
moxa CWE-287
critical
 9.8
9.8
2018-03-05 CVE-2018-7667 Server-Side Request Forgery (SSRF) vulnerability in Adminer
Adminer through 4.3.1 has SSRF via the server parameter.
network
low complexity
adminer CWE-918
critical
 9.8
9.8
2018-03-05 CVE-2018-7666 SQL Injection vulnerability in Clip-Bucket Clipbucket
An issue was discovered in ClipBucket before 4.0.0 Release 4902.
network
low complexity
clip-bucket CWE-89
critical
 9.8
9.8
2018-03-05 CVE-2018-7665 Unrestricted Upload of File with Dangerous Type vulnerability in Clip-Bucket Clipbucket
An issue was discovered in ClipBucket before 4.0.0 Release 4902.
network
low complexity
clip-bucket CWE-434
critical
 9.8
9.8
2018-03-05 CVE-2018-7664 OS Command Injection vulnerability in Clip-Bucket Clipbucket
An issue was discovered in ClipBucket before 4.0.0 Release 4902.
network
low complexity
clip-bucket CWE-78
critical
 9.8
9.8
2018-03-02 CVE-2017-9285 Improper Authentication vulnerability in multiple products
NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory services.
network
low complexity
netiq microfocus CWE-287
critical
 9.8
9.8