Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-05-31 CVE-2016-10519 Information Exposure vulnerability in Webtorrent Bittorrent-Dht
A security issue was found in bittorrent-dht before 5.1.3 that allows someone to send a specific series of messages to a listening peer and get it to reveal internal memory.
network
low complexity
webtorrent CWE-200
7.5
2018-05-31 CVE-2016-10518 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in WS Project WS
A vulnerability was found in the ping functionality of the ws module before 1.0.0 which allowed clients to allocate memory by sending a ping frame.
network
low complexity
ws-project CWE-119
7.5
2018-05-31 CVE-2015-9239 Improper Input Validation vulnerability in Ansi2Html Project Ansi2Html 0.0.1
ansi2html is vulnerable to regular expression denial of service (ReDoS) when certain types of user input are passed in.
network
low complexity
ansi2html-project CWE-20
7.5
2018-05-31 CVE-2014-10066 Path Traversal vulnerability in Fancy-Server Project Fancy-Server
Versions less than 0.1.4 of the static file server module fancy-server are vulnerable to directory traversal.
network
low complexity
fancy-server-project CWE-22
7.5
2018-05-31 CVE-2014-10064 Resource Management Errors vulnerability in QS Project QS
The qs module before 1.0.0 does not have an option or default for specifying object depth and when parsing a string representing a deeply nested object will block the event loop for long periods of time.
network
low complexity
qs-project CWE-399
7.5
2018-05-31 CVE-2018-11626 Out-of-bounds Write vulnerability in Simple Lossless Audio Project Simple Lossless Audio 0.1.2
SELA (aka SimplE Lossless Audio) v0.1.2-alpha has a stack-based buffer overflow in the core/apev2.c init_apev2_keys function.
network
low complexity
simple-lossless-audio-project CWE-787
7.5
2018-05-31 CVE-2018-11139 OS Command Injection vulnerability in Quest Kace System Management Appliance 8.0.318
The '/common/ajax_email_connection_test.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by any authenticated user and can be abused to execute arbitrary commands on the system.
network
low complexity
quest CWE-78
8.8
2018-05-31 CVE-2018-11135 Unspecified vulnerability in Quest Kace System Management Appliance 8.0.318
The script '/adminui/error_details.php' in the Quest KACE System Management Appliance 8.0.318 allows authenticated users to conduct PHP object injection attacks.
network
low complexity
quest
8.8
2018-05-31 CVE-2018-11134 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Quest Kace System Management Appliance 8.0.318
In order to perform actions that require higher privileges, the Quest KACE System Management Appliance 8.0.318 relies on a message queue that runs with root privileges and only allows a set of commands.
network
low complexity
quest CWE-640
8.8
2018-05-31 CVE-2018-11132 OS Command Injection vulnerability in Quest Kace System Management Appliance 8.0.318
In order to perform actions that require higher privileges, the Quest KACE System Management Appliance 8.0.318 relies on a message queue that runs daemonized with root privileges and only allows a set of commands to be executed.
network
low complexity
quest CWE-78
8.8