Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-26 CVE-2017-12150 It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled.
network
high complexity
samba redhat debian
7.4
2018-07-26 CVE-2018-10901 A flaw was found in Linux kernel's KVM virtualization subsystem.
local
low complexity
linux redhat
7.8
2018-07-26 CVE-2018-0622 Improper Certificate Validation vulnerability in DHC Online Shop
The DHC Online Shop App for Android version 3.2.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
network
high complexity
dhc CWE-295
7.4
2018-07-26 CVE-2018-0621 Untrusted Search Path vulnerability in Logitech Connection Utility Software 2.00.3/2.20.28/2.30.6
Untrusted search path vulnerability in LOGICOOL CONNECTION UTILITY SOFTWARE versions before 2.30.9 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
logitech CWE-426
7.8
2018-07-26 CVE-2018-0620 Untrusted Search Path vulnerability in Logitech Game Software
Untrusted search path vulnerability in LOGICOOL Game Software versions before 8.87.116 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
logitech CWE-426
7.8
2018-07-26 CVE-2018-0619 Untrusted Search Path vulnerability in Glarysoft Glary Utilities 5.99
Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
glarysoft CWE-426
7.8
2018-07-26 CVE-2018-0617 Path Traversal vulnerability in Chama Memocgi
Directory traversal vulnerability in ChamaNet MemoCGI v2.1800 to v2.2200 allows remote attackers to read arbitrary files via unspecified vectors.
network
low complexity
chama CWE-22
7.5
2018-07-26 CVE-2018-0613 Improper Privilege Management vulnerability in Necplatforms products
NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 and earlier, CSDX(P) 4.37210411 and earlier, CSDX(D) 3.37210411 and earlier, CSDX(S) 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A 03.00.00) allows remote authenticated attackers to bypass access restriction to conduct arbitrary operations with administrative privilege via unspecified vectors.
network
low complexity
necplatforms CWE-269
8.8
2018-07-26 CVE-2018-0607 SQL Injection vulnerability in Cybozu Garoon
SQL injection vulnerability in the Notifications application in the Cybozu Garoon 3.5.0 to 4.6.2 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
cybozu CWE-89
8.8
2018-07-26 CVE-2017-12163 An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8.
low complexity
samba redhat debian
7.1