Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-08-30 | CVE-2018-16159 | SQL Injection vulnerability in Codemenschen Gift Vouchers The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the template_id parameter in a wp-admin/admin-ajax.php wpgv_doajax_front_template request. | 7.5 |
2018-08-30 | CVE-2018-15691 | Deserialization of Untrusted Data vulnerability in Broadcom Release Automation 6.3/6.4/6.5 Insecure deserialization of a specially crafted serialized object, in CA Release Automation 6.5 and earlier, allows attackers to potentially execute arbitrary code. | 7.5 |
2018-08-30 | CVE-2018-13824 | SQL Injection vulnerability in multiple products Insufficient input sanitization of two parameters in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute SQL injection attacks. | 7.5 |
2018-08-30 | CVE-2018-13821 | Improper Authentication vulnerability in CA Unified Infrastructure Management 8.4.7/8.5/8.5.1 A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing. | 7.5 |
2018-08-30 | CVE-2018-16131 | Resource Exhaustion vulnerability in Lightbend Akka Http The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service (memory consumption and daemon crash) via a ZIP bomb. | 7.5 |
2018-08-30 | CVE-2018-14622 | Unchecked Return Value vulnerability in multiple products A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. | 7.5 |
2018-08-30 | CVE-2018-14621 | Infinite Loop vulnerability in Libtirpc Project Libtirpc An infinite loop vulnerability was found in libtirpc before version 1.0.2-rc2. | 7.5 |
2018-08-30 | CVE-2018-10936 | Improper Validation of Certificate with Host Mismatch vulnerability in multiple products A weakness was found in postgresql-jdbc before version 42.2.5. | 8.1 |
2018-08-30 | CVE-2018-14619 | Improper Input Validation vulnerability in Linux Kernel A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. | 7.8 |
2018-08-30 | CVE-2018-11615 | Incorrect Regular Expression vulnerability in Mosca Project Mosca 2.8.1 This vulnerability allows remote attackers to deny service on vulnerable installations of npm mosca 2.8.1. | 7.8 |