Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-11 | CVE-2018-15766 | Weak Password Requirements vulnerability in Dell Encryption and Endpoint Security Suite Enterprise On install, Dell Encryption versions prior 10.0.1 and Dell Endpoint Security Suite Enterprise versions prior 2.0.1 will overwrite and manually set the "Minimum Password Length" group policy object to a value of 1 on that device. | 7.5 |
| 2018-10-11 | CVE-2018-18215 | Cross-Site Request Forgery (CSRF) vulnerability in Youke365 Youke 365 1.1.5 In youke365 v1.1.5, admin/user.html has a CSRF vulnerability that can add an user account. | 8.8 |
| 2018-10-11 | CVE-2018-12449 | Untrusted Search Path vulnerability in Navercorp Whale 0.4.3.0 The Whale browser installer 0.4.3.0 and earlier versions allows DLL hijacking. | 7.8 |
| 2018-10-11 | CVE-2018-1745 | Missing Authentication for Critical Function vulnerability in IBM Security KEY Lifecycle Manager IBM Security Key Lifecycle Manager 2.7 and 3.0 could allow an unauthenticated user to restart the SKLM server due to missing authentication. | 7.5 |
| 2018-10-11 | CVE-2018-1738 | Improper Authentication vulnerability in IBM Security KEY Lifecycle Manager IBM Security Key Lifecycle Manager 2.6, 2.7, 3.0 could allow an authenticated user to obtain highly sensitive information or jeopardize system integrity due to improper authentication mechanisms. | 7.1 |
| 2018-10-10 | CVE-2018-18061 | Improper Authentication vulnerability in Tecrail Responsive Filemanager 9.8.1 An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. | 7.5 |
| 2018-10-10 | CVE-2018-13789 | Insufficiently Protected Credentials vulnerability in Descor Infocad FM An issue was discovered in Descor Infocad FM before 3.1.0.0. | 7.5 |
| 2018-10-10 | CVE-2018-12456 | Cross-Site Request Forgery (CSRF) vulnerability in Intelbras Nplug Firmware 1.0.0.14 Intelbras NPLUG 1.0.0.14 wireless repeater devices have no CSRF token protection in the web interface, allowing attackers to perform actions such as changing the wireless SSID, rebooting the device, editing access control lists, or activating remote access. | 8.8 |
| 2018-10-10 | CVE-2018-12455 | Improper Authentication vulnerability in Intelbras Nplug Firmware 1.0.0.14 Intelbras NPLUG 1.0.0.14 wireless repeater devices have a critical vulnerability that allows an attacker to authenticate in the web interface just by using "admin:" as the name of a cookie. | 8.1 |
| 2018-10-10 | CVE-2018-12173 | Incorrect Permission Assignment for Critical Resource vulnerability in Intel products Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an unauthenticated attacker to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access. | 7.6 |