Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-09-10 CVE-2018-12608 Improper Certificate Validation vulnerability in Mobyproject Moby
An issue was discovered in Docker Moby before 17.06.0.
network
low complexity
mobyproject CWE-295
7.5
7.5
2018-09-10 CVE-2016-7072 Resource Exhaustion vulnerability in multiple products
An issue has been found in PowerDNS Authoritative Server before 3.4.11 and 4.0.2 allowing a remote, unauthenticated attacker to cause a denial of service by opening a large number of TCP connections to the web server.
network
low complexity
powerdns debian CWE-400
7.5
7.5
2018-09-10 CVE-2018-16802 An issue was discovered in Artifex Ghostscript before 9.25.
local
low complexity
artifex debian canonical redhat
7.8
7.8
2018-09-10 CVE-2016-9048 SQL Injection vulnerability in Processmaker 3.0.1.7
Multiple exploitable SQL Injection vulnerabilities exists in ProcessMaker Enterprise Core 3.0.1.7-community.
network
low complexity
processmaker CWE-89
7.4
7.4
2018-09-10 CVE-2016-7035 Improper Authorization vulnerability in multiple products
An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface.
local
low complexity
clusterlabs redhat CWE-285
7.8
7.8
2018-09-10 CVE-2018-3897 Classic Buffer Overflow vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17
An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17.
network
low complexity
samsung CWE-120
8.8
8.8
2018-09-10 CVE-2018-3896 Classic Buffer Overflow vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17
An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17.
network
low complexity
samsung CWE-120
8.8
8.8
2018-09-10 CVE-2016-7071 Improper Authorization vulnerability in Redhat Cloudforms and Cloudforms Management Engine
It was found that the CloudForms before 5.6.2.2, and 5.7.0.7 did not properly apply permissions controls to VM IDs passed by users.
network
low complexity
redhat CWE-285
8.8
8.8
2018-09-10 CVE-2016-7075 It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name fields.
network
high complexity
kubernetes redhat
8.1
8.1
2018-09-10 CVE-2018-16797 Out-of-bounds Write vulnerability in Kakaocorp Potplayer 1.7.8556
A heap-based buffer overflow in PotPlayerMini.exe in PotPlayer 1.7.8556 allows remote attackers to execute arbitrary code via a .wav file with large BytesPerSec and SamplesPerSec values, and a small Data_Chunk_Size value.
local
low complexity
kakaocorp CWE-787
7.8
7.8