Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-06 | CVE-2018-3852 | Improper Input Validation vulnerability in Onssi Ocularis 5.5.0.242 An exploitable denial of service vulnerability exists in the Ocularis Recorder functionality of Ocularis 5.5.0.242. | 7.5 |
2018-06-06 | CVE-2018-3562 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android Buffer over -read can occur while processing a FILS authentication frame in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 7.1 |
2018-06-06 | CVE-2017-18154 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A crafted binder request can cause an arbitrary unmap in MediaServer in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 7.2 |
2018-06-06 | CVE-2017-7931 | Improper Authentication vulnerability in ABB IP Gateway Firmware In ABB IP GATEWAY 3.39 and prior, by accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access the configuration files and application pages without authentication. | 7.5 |
2018-06-05 | CVE-2018-11586 | Server-Side Request Forgery (SSRF) vulnerability in Searchblox 8.6.7 XML external entity (XXE) vulnerability in api/rest/status in SearchBlox 8.6.7 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. | 7.5 |
2018-06-05 | CVE-2018-10966 | Use of Hard-coded Credentials vulnerability in Gamerpolls 0.4.6 An issue was discovered in GamerPolls 0.4.6, related to config/environments/all.js and config/initializers/02_passport.js. | 7.5 |
2018-06-05 | CVE-2018-10813 | Use of Hard-coded Credentials vulnerability in Aprendecondedos Dedos-Web 1.0 In Dedos-web 1.0, the cookie and session secrets used in the Express.js application have hardcoded values that are visible in the source code published on GitHub. | 7.5 |
2018-06-05 | CVE-2017-1350 | Unspecified vulnerability in IBM Infosphere Information Server IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 could allow a user to escalate their privileges to administrator due to improper access controls. | 7.2 |
2018-06-05 | CVE-2018-6662 | OS Command Injection vulnerability in Mcafee Management of Native Encryption Privilege Escalation vulnerability in McAfee Management of Native Encryption (MNE) before 4.1.4 allows local users to gain elevated privileges via a crafted user input. | 7.8 |
2018-06-05 | CVE-2016-9488 | SQL Injection vulnerability in Manageengine Applications Manager 12.0/13.0 ManageEngine Applications Manager versions 12 and 13 before build 13200 suffer from remote SQL injection vulnerabilities. | 7.5 |