Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-11 | CVE-2018-3933 | Out-of-bounds Write vulnerability in Antennahouse Office Server Document Converter 6.1 An exploitable out-of-bounds write exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312). | 7.8 |
| 2018-07-11 | CVE-2018-3932 | Out-of-bounds Write vulnerability in Antennahouse Office Server Document Converter 6.1 An exploitable stack-based buffer overflow exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312). | 7.8 |
| 2018-07-11 | CVE-2018-3931 | Out-of-bounds Write vulnerability in Antennahouse Office Server Document Converter 6.1 In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. | 7.8 |
| 2018-07-11 | CVE-2018-3930 | Out-of-bounds Write vulnerability in Antennahouse Office Server Document Converter 6.1 In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. | 7.8 |
| 2018-07-11 | CVE-2018-3929 | Out-of-bounds Write vulnerability in Antennahouse Office Server Document Converter 6.1 An exploitable heap corruption exists in the PowerPoint document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312). | 7.8 |
| 2018-07-11 | CVE-2018-13989 | Cross-Site Request Forgery (CSRF) vulnerability in Arcelikas Grundig Smart Inter@Ctive Firmware 3.0 Grundig Smart Inter@ctive TV 3.0 devices allow CSRF attacks via a POST request to TCP port 8085 containing a predictable ID value, as demonstrated by a /sendrcpackage?keyid=-2544&keysymbol=-4081 request to shut off the device. | 8.8 |
| 2018-07-11 | CVE-2018-11529 | Use After Free vulnerability in multiple products VideoLAN VLC media player 2.2.x is prone to a use after free vulnerability which an attacker can leverage to execute arbitrary code via crafted MKV files. | 8.0 |
| 2018-07-11 | CVE-2017-16709 | Unspecified vulnerability in Crestron Airmedia Am-100 Firmware and Airmedia Am-101 Firmware Crestron Airmedia AM-100 devices with firmware before 1.6.0 and AM-101 devices with firmware before 2.7.0 allows remote authenticated administrators to execute arbitrary code via unspecified vectors. | 7.2 |
| 2018-07-11 | CVE-2013-2972 | Improper Access Control vulnerability in IBM Websphere Cast Iron Cloud Integration 6.0.0.0/6.1.0.0/6.3.0.0 IBM WebSphere Cast Iron 6.3 allows remote attackers to bypass intended access restrictions via unspecified vectors. | 7.5 |
| 2018-07-11 | CVE-2013-2951 | Credentials Management vulnerability in IBM Websphere Portal IBM WebSphere Portal 7.0.0.x and 8.0.0.x write passwords to a trace file when tracing is enabled for the Selfcare Portlet (Profile Management), which allows local users to obtain sensitive information by reading the file. | 7.8 |