Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-01 | CVE-2017-2858 | Out-of-bounds Read vulnerability in Natus Xltek Neuroworks 8 An exploitable denial-of-service vulnerability exists in the traversal of lists functionality of Natus Xltek NeuroWorks 8. | 7.5 |
| 2018-06-01 | CVE-2017-2852 | Out-of-bounds Read vulnerability in Natus Xltek Neuroworks 8 An exploitable denial-of-service vulnerability exists in the unserialization of lists functionality of Natus Xltek NeuroWorks 8. | 7.5 |
| 2018-06-01 | CVE-2018-7951 | Code Injection vulnerability in Huawei products The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. | 8.8 |
| 2018-06-01 | CVE-2018-7950 | Code Injection vulnerability in Huawei products The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. | 8.8 |
| 2018-06-01 | CVE-2018-7949 | Improper Authentication vulnerability in Huawei products The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a privilege escalation vulnerability. | 8.8 |
| 2018-06-01 | CVE-2018-5523 | Unspecified vulnerability in F5 products On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 and Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced. | 7.2 |
| 2018-06-01 | CVE-2018-5513 | Improper Input Validation vulnerability in F5 products On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.3, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, a malformed TLS handshake causes TMM to crash leading to a disruption of service. | 7.5 |
| 2018-06-01 | CVE-2018-11646 | Unspecified vulnerability in Webkitgtk Webkitgtk+ webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash. | 7.5 |
| 2018-05-31 | CVE-2018-6552 | Unspecified vulnerability in Apport Project Apport Apport does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers. | 7.8 |
| 2018-05-31 | CVE-2016-10572 | Cryptographic Issues vulnerability in Mongodb-Instance Project Mongodb-Instance 0.0.1/0.0.2 mongodb-instance before 0.0.3 installs mongodb locally. | 8.1 |