Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-08-30 CVE-2018-11616 OS Command Injection vulnerability in Tencent Foxmail 7.2.9.115
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Tencent Foxmail 7.2.9.115.
network
low complexity
tencent CWE-78
8.8
2018-08-30 CVE-2018-11615 Incorrect Regular Expression vulnerability in Mosca Project Mosca 2.8.1
This vulnerability allows remote attackers to deny service on vulnerable installations of npm mosca 2.8.1.
network
low complexity
mosca-project CWE-185
7.5
2018-08-30 CVE-2018-16140 Out-of-bounds Write vulnerability in multiple products
A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file.
local
low complexity
canonical fig2dev-project CWE-787
7.8
2018-08-30 CVE-2018-16058 Improper Initialization vulnerability in multiple products
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash.
network
low complexity
wireshark debian CWE-665
7.5
2018-08-30 CVE-2018-16057 In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash.
network
low complexity
wireshark debian
7.5
2018-08-30 CVE-2018-16056 In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash.
network
low complexity
wireshark debian
7.5
2018-08-29 CVE-2018-16132 Resource Exhaustion vulnerability in Signal
The image rendering component (createGenericPreview) of the Open Whisper Signal app through 2.29.0 for iOS fails to check for unreasonably large images before manipulating received images.
network
low complexity
signal CWE-400
8.6
2018-08-29 CVE-2018-7792 Missing Authorization vulnerability in Schneider-Electric Modicon M221 Firmware 1.1.1.5
A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0).
network
low complexity
schneider-electric CWE-862
7.5
2018-08-29 CVE-2018-7789 Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric Modicon M221 Firmware 1.1.1.5
An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0).
network
low complexity
schneider-electric CWE-754
7.5
2018-08-29 CVE-2018-6598 Incorrect Permission Assignment for Critical Resource vulnerability in Orbic Wonder Rc555L Firmware 7.1.2
An issue was discovered on Orbic Wonder Orbic/RC555L/RC555L:7.1.2/N2G47H/329100b:user/release-keys devices.
local
low complexity
orbic CWE-732
7.1