Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-13 | CVE-2018-1000209 | Incorrect Permission Assignment for Critical Resource vulnerability in Sensu Core Sensu, Inc. | 8.8 |
| 2018-07-13 | CVE-2018-1000208 | Path Traversal vulnerability in Modx Revolution MODX Revolution version <=2.6.4 contains a Directory Traversal vulnerability in /core/model/modx/modmanagerrequest.class.php that can result in remove files. | 7.5 |
| 2018-07-13 | CVE-2018-1000207 | Incorrect Permission Assignment for Critical Resource vulnerability in Modx Revolution MODX Revolution version <=2.6.4 contains a Incorrect Access Control vulnerability in Filtering user parameters before passing them into phpthumb class that can result in Creating file with custom a filename and content. | 7.2 |
| 2018-07-13 | CVE-2018-1000206 | Cross-Site Request Forgery (CSRF) vulnerability in Jfrog Artifactory JFrog Artifactory version since 5.11 contains a Cross ite Request Forgery (CSRF) vulnerability in UI rest endpoints that can result in Classic CSRF attack allowing an attacker to perform actions as logged in user. | 8.8 |
| 2018-07-13 | CVE-2018-7535 | Incorrect Default Permissions vulnerability in Totalav 4.1.7/4.6.19 An issue was discovered in TotalAV v4.1.7. | 7.8 |
| 2018-07-13 | CVE-2018-1245 | Incorrect Authorization vulnerability in EMC RSA Identity Governance and Lifecycle 7.0.1/7.0.2/7.1.0 RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains an authorization bypass vulnerability within the workflow architect component (ACM). | 8.8 |
| 2018-07-13 | CVE-2018-10018 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gdata-Software Total Security 25.4.0.3 The GDASPAMLib.AntiSpam ActiveX control ASK\GDASpam.dll in G DATA Total Security 25.4.0.3 has a buffer overflow via a long IsBlackListed argument. | 8.8 |
| 2018-07-13 | CVE-2018-9067 | Unspecified vulnerability in Lenovo Help The Lenovo Help Android app versions earlier than 6.1.2.0327 had insufficient access control for some functions which, if exploited, could have led to exposure of approximately 400 email addresses and 8,500 IMEI. | 7.5 |
| 2018-07-13 | CVE-2018-14051 | Infinite Loop vulnerability in Libwav Project Libwav The function wav_read in libwav.c in libwav through 2017-04-20 has an infinite loop. | 7.5 |
| 2018-07-13 | CVE-2018-14046 | Out-of-bounds Read vulnerability in Exiv2 0.26 Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp. | 8.8 |