Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-29 | CVE-2018-16132 | Resource Exhaustion vulnerability in Signal The image rendering component (createGenericPreview) of the Open Whisper Signal app through 2.29.0 for iOS fails to check for unreasonably large images before manipulating received images. | 8.6 |
| 2018-08-29 | CVE-2018-7792 | Missing Authorization vulnerability in Schneider-Electric Modicon M221 Firmware 1.1.1.5 A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). | 7.5 |
| 2018-08-29 | CVE-2018-7789 | Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric Modicon M221 Firmware 1.1.1.5 An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). | 7.5 |
| 2018-08-29 | CVE-2018-6598 | Incorrect Permission Assignment for Critical Resource vulnerability in Orbic Wonder Rc555L Firmware 7.1.2 An issue was discovered on Orbic Wonder Orbic/RC555L/RC555L:7.1.2/N2G47H/329100b:user/release-keys devices. | 7.1 |
| 2018-08-29 | CVE-2018-15912 | Improper Privilege Management vulnerability in Manjaro Linux An issue was discovered in manjaro-update-system.sh in manjaro-system 20180716-1 on Manjaro Linux. | 7.8 |
| 2018-08-29 | CVE-2018-14768 | Unspecified vulnerability in Vivotek Camera Various VIVOTEK FD8*, FD9*, FE9*, IB8*, IB9*, IP9*, IZ9*, MS9*, SD9*, and other devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code. | 8.8 |
| 2018-08-29 | CVE-2018-12710 | Cleartext Transmission of Sensitive Information vulnerability in Dlink Dir-601 Firmware 2.02Na An issue was discovered on D-Link DIR-601 2.02NA devices. | 8.0 |
| 2018-08-29 | CVE-2017-17762 | XXE vulnerability in Episerver 7 XML external entity (XXE) vulnerability in Episerver 7 patch 4 and earlier allows remote attackers to read arbitrary files via a crafted DTD in an XML request involving util/xmlrpc/Handler.ashx. | 7.5 |
| 2018-08-29 | CVE-2018-8022 | Improper Input Validation vulnerability in Apache Traffic Server A carefully crafted invalid TLS handshake can cause Apache Traffic Server (ATS) to segfault. | 7.5 |
| 2018-08-29 | CVE-2018-5003 | Untrusted Search Path vulnerability in Adobe Creative Cloud Adobe Creative Cloud Desktop Application before 4.5.5.342 (installer) has an insecure library loading (dll hijacking) vulnerability. | 7.8 |