Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-11-06 CVE-2018-9362 Improper Input Validation vulnerability in Google Android
In processMessagePart of InboundSmsHandler.java, there is a possible remote denial of service due to improper input validation.
network
low complexity
google CWE-20
7.8
2018-11-06 CVE-2018-9361 Out-of-bounds Read vulnerability in Google Android
In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check.
network
low complexity
google CWE-125
7.8
2018-11-06 CVE-2018-9360 Out-of-bounds Read vulnerability in Google Android
In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check.
network
low complexity
google CWE-125
7.8
2018-11-06 CVE-2018-9359 Out-of-bounds Read vulnerability in Google Android
In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check.
network
low complexity
google CWE-125
7.8
2018-11-06 CVE-2018-9358 Out-of-bounds Read vulnerability in Google Android
In gatts_process_attribute_req of gatt_sc.cc, there is a possible read of uninitialized data due to a missing bounds check.
network
low complexity
google CWE-125
7.8
2018-11-06 CVE-2018-9357 Out-of-bounds Write vulnerability in Google Android
In BNEP_Write of bnep_api.cc, there is a possible out of bounds write due to an incorrect bounds check.
local
low complexity
google CWE-787
7.2
2018-11-06 CVE-2018-18963 SQL Injection vulnerability in Degraupublicidade
Busca.aspx.cs in Degrau Publicidade e Internet Plataforma de E-commerce allows SQL Injection via the busca/ URI.
network
low complexity
degraupublicidade CWE-89
7.5
2018-11-05 CVE-2018-18957 Out-of-bounds Write vulnerability in Mz-Automation Libiec61850 1.3
An issue has been found in libIEC61850 v1.3.
network
low complexity
mz-automation CWE-787
7.5
2018-11-05 CVE-2018-9208 Unrestricted Upload of File with Dangerous Type vulnerability in Tuyoshi Jquery Picture CUT 1.1
Unauthenticated arbitrary file upload vulnerability in jQuery Picture Cut <= v1.1Beta
network
low complexity
tuyoshi CWE-434
7.5
2018-11-05 CVE-2018-18949 SQL Injection vulnerability in Zohocorp Manageengine Opmanager 11.4/12.3
Zoho ManageEngine OpManager 12.3 before 123222 has SQL Injection via Mail Server settings.
network
low complexity
zohocorp CWE-89
7.5