Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-24 | CVE-2017-11564 | Out-of-bounds Write vulnerability in Dlink Eyeon Baby Monitor Firmware 1.08.1 The D-Link EyeOn Baby Monitor (DCS-825L) 1.08.1 has multiple command injection vulnerabilities in the web service framework. | 8.8 |
| 2018-08-24 | CVE-2018-1699 | SQL Injection vulnerability in IBM Maximo Asset Management IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to SQL injection. | 8.8 |
| 2018-08-24 | CVE-2018-3909 | HTTP Request Smuggling vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. | 8.6 |
| 2018-08-23 | CVE-2018-15822 | Reachable Assertion vulnerability in multiple products The flv_write_packet function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure. | 7.5 |
| 2018-08-23 | CVE-2018-3911 | HTTP Response Splitting vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable HTTP header injection vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. | 8.6 |
| 2018-08-23 | CVE-2018-15807 | Use of Insufficiently Random Values vulnerability in Posim EVO 15.13 POSIM EVO 15.13 for Windows includes an "Emergency Override" administrative account that may be accessed through POSIM's "override" feature. | 7.8 |
| 2018-08-23 | CVE-2018-14797 | Uncontrolled Search Path Element vulnerability in Emerson Deltav Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 allow a specially crafted DLL file to be placed in the search path and loaded as an internal and valid DLL, which may allow arbitrary code execution. | 7.8 |
| 2018-08-23 | CVE-2018-14791 | Improper Privilege Management vulnerability in Emerson Deltav Emerson DeltaV DCS versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5 may allow non-administrative users to change executable and library files on the affected products. | 7.8 |
| 2018-08-23 | CVE-2018-1156 | Out-of-bounds Write vulnerability in Mikrotik Routeros Mikrotik RouterOS before 6.42.7 and 6.40.9 is vulnerable to stack buffer overflow through the license upgrade interface. | 8.8 |
| 2018-08-23 | CVE-2003-1605 | Credentials Management vulnerability in Haxx Curl curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server. | 7.5 |