Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-04 | CVE-2016-10637 | Cryptographic Issues vulnerability in Haxe Haxe-Dev haxe-dev is a cross-platform toolkit. | 8.1 |
| 2018-06-04 | CVE-2016-10636 | Cryptographic Issues vulnerability in Grunt-Ccompiler Project Grunt-Ccompiler grunt-ccompiler is a Closure Compiler Grunt Plugin. | 8.1 |
| 2018-06-04 | CVE-2018-11712 | Improper Certificate Validation vulnerability in Webkitgtk Webkitgtk+ 2.20.0/2.20.1 WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ versions 2.20.0 and 2.20.1, failed to perform TLS certificate verification for WebSocket connections. | 7.5 |
| 2018-06-04 | CVE-2018-10615 | Path Traversal vulnerability in GE MDS Pulsenet Directory traversal may lead to files being exfiltrated or deleted on the GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior host platform. | 8.1 |
| 2018-06-04 | CVE-2018-10613 | XXE vulnerability in GE MDS Pulsenet Multiple variants of XML External Entity (XXE) attacks may be used to exfiltrate data from the host Windows platform in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior. | 7.5 |
| 2018-06-04 | CVE-2018-11710 | Out-of-bounds Write vulnerability in Openmpt Libopenmpt soundlib/pattern.h in libopenmpt before 0.3.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted AMS file because of an invalid write near address 0 in an out-of-memory situation. | 8.8 |
| 2018-06-04 | CVE-2016-1000343 | Cryptographic Issues vulnerability in multiple products In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a weak private key if used with default values. | 7.5 |
| 2018-06-04 | CVE-2016-1000342 | Improper Verification of Cryptographic Signature vulnerability in multiple products In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. | 7.5 |
| 2018-06-04 | CVE-2016-1000340 | Data Processing Errors vulnerability in Bouncycastle Legion-Of-The-Bouncy-Castle-Java-Crytography-Api In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propagation bug was introduced in the implementation of squaring for several raw math classes have been fixed (org.bouncycastle.math.raw.Nat???). | 7.5 |
| 2018-06-04 | CVE-2018-11698 | Out-of-bounds Read vulnerability in Sass-Lang Libsass An issue was discovered in LibSass through 3.5.4. | 8.1 |