Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-25 | CVE-2018-1488 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM DB2 10.5/11.1 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5 and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. | 7.8 |
| 2018-05-25 | CVE-2018-1467 | Information Exposure vulnerability in IBM Storwize Unified V7000 Software 1.6 The IBM Storwize V7000 Unified management Web interface 1.6 exposes internal cluster details to unauthenticated users. | 7.5 |
| 2018-05-25 | CVE-2018-1459 | Out-of-bounds Write vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to stack based buffer overflow, caused by improper bounds checking which could lead an attacker to execute arbitrary code. | 7.8 |
| 2018-05-25 | CVE-2018-11470 | SQL Injection vulnerability in Iscripts Eswap 2.4 iScripts eSwap v2.4 has SQL injection via the "search.php" 'Told' parameter in the User Panel. | 8.8 |
| 2018-05-25 | CVE-2018-6664 | Improper Verification of Cryptographic Signature vulnerability in Mcafee Data Loss Prevention Endpoint Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 allows authenticated users to bypass the product block action via a command-line utility. | 8.8 |
| 2018-05-25 | CVE-2018-11445 | Cross-Site Request Forgery (CSRF) vulnerability in Easyservice Billing Project Easyservice Billing 1.0 A CSRF issue was discovered on the User Add/System Settings Page (system-settings-user-new2.php) in EasyService Billing 1.0. | 8.8 |
| 2018-05-25 | CVE-2018-11442 | Cross-Site Request Forgery (CSRF) vulnerability in Easyservice Billing Project Easyservice Billing 1.0 A CSRF issue was discovered in EasyService Billing 1.0, which was triggered via a quotation-new3-new2.php?add=true&id= URI, as demonstrated by adding a new quotation. | 8.8 |
| 2018-05-25 | CVE-2018-1137 | Improper Input Validation vulnerability in Moodle An issue was discovered in Moodle 3.x. | 8.1 |
| 2018-05-25 | CVE-2018-1133 | Code Injection vulnerability in Moodle An issue was discovered in Moodle 3.x. | 8.8 |
| 2018-05-25 | CVE-2018-11440 | Out-of-bounds Write vulnerability in multiple products Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c. | 8.8 |