Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-08 | CVE-2018-15209 | Out-of-bounds Write vulnerability in multiple products ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. | 8.8 |
| 2018-08-08 | CVE-2018-15198 | Cross-Site Request Forgery (CSRF) vulnerability in Onethink 1.1 An issue was discovered in OneThink v1.1. | 8.8 |
| 2018-08-08 | CVE-2018-15197 | Cross-Site Request Forgery (CSRF) vulnerability in Onethink 1.1 An issue was discovered in OneThink v1.1. | 8.8 |
| 2018-08-08 | CVE-2018-15193 | Cross-Site Request Forgery (CSRF) vulnerability in Gogs 0.11.53 A CSRF vulnerability in the admin panel in Gogs through 0.11.53 allows remote attackers to execute admin operations via a crafted issue / link. | 8.8 |
| 2018-08-08 | CVE-2018-15192 | Server-Side Request Forgery (SSRF) vulnerability in multiple products An SSRF vulnerability in webhooks in Gitea through 1.5.0-rc2 and Gogs through 0.11.53 allows remote attackers to access intranet services. | 8.6 |
| 2018-08-08 | CVE-2018-15177 | Cross-Site Request Forgery (CSRF) vulnerability in Gxlcms 2.0 In Gxlcms 2.0, a news/index.php?s=Admin-Admin-Insert CSRF attack can add an administrator account. | 8.8 |
| 2018-08-08 | CVE-2018-15176 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.45 XnView 2.45 allows remote attackers to cause a denial of service (User Mode Write AV starting at MSVCR120!memcpy+0x0000000000000074 and application crash) or possibly have unspecified other impact via a crafted RLE file. | 7.8 |
| 2018-08-08 | CVE-2018-15175 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.45 XnView 2.45 allows remote attackers to cause a denial of service (User Mode Write AV starting at Qt5Core!QVariant::~QVariant+0x0000000000000014 and application crash) or possibly have unspecified other impact via a crafted RLE file. | 7.8 |
| 2018-08-08 | CVE-2018-15174 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.45 XnView 2.45 allows remote attackers to cause a denial of service (Read Access Violation at the Instruction Pointer and application crash) or possibly have unspecified other impact via a crafted ICO file. | 7.8 |
| 2018-08-08 | CVE-2018-15173 | Unspecified vulnerability in Nmap Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted TCP-based service. | 7.5 |