Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-08-20 | CVE-2018-12579 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Oxid-Esales Eshop: An issue was discovered in OXID eShop Enterprise Edition before 5.3.8, 6.0.x before 6.0.3, and 6.1.x before 6.1.0; Professional Edition before 4.10.8, 5.x and 6.0.x before 6.0.3, and 6.1.x before 6.1.0; and Community Edition before 4.10.8, 5.x and 6.0.x before 6.0.3, and 6.1.x before 6.1.0. | 8.1 |
2018-08-20 | CVE-2018-1517 | Improper Input Validation vulnerability in multiple products: A flaw in the java.math component in IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0 may allow an attacker to inflict a denial-of-service attack with specially crafted String data. | 7.5 |
2018-08-20 | CVE-2017-16744 | Path Traversal vulnerability in Tridium Niagara and Niagara AX Framework: A path traversal vulnerability in Tridium Niagara AX Versions 3.8 and prior and Niagara 4 systems Versions 4.4 and prior installed on Microsoft Windows Systems can be exploited by leveraging valid platform (administrator) credentials. | 7.2 |
2018-08-20 | CVE-2016-7048 | Improper Access Control vulnerability in Postgresql: The interactive installer in PostgreSQL before 9.3.15, 9.4.x before 9.4.10, and 9.5.x before 9.5.5 might allow remote attackers to execute arbitrary code by leveraging use of HTTP to download software. | 8.1 |
2018-08-20 | CVE-2018-14079 | Information Exposure vulnerability in Wi2Be Smart HP WMT R1.2.20_201400922: Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to obtain sensitive information via /Status/SystemStatusRpm.esp. | 7.5 |
2018-08-20 | CVE-2018-14077 | Unspecified vulnerability in Wi2Be Smart HP WMT R1.2.20_201400922: Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to backup the device configuration via a direct request to /Maintenance/configfile.cfg. | 7.5 |
2018-08-20 | CVE-2018-1000224 | Missing Initialization of Resource vulnerability in Godotengine Godot: Godot Engine version All versions prior to 2.1.5, all 3.0 versions prior to 3.0.6. | 7.5 |
2018-08-20 | CVE-2018-1000223 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Surina Soundtouch: soundtouch version up to and including 2.0.0 contains a Buffer Overflow vulnerability in SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock() that can result in arbitrary code execution. | 8.8 |
2018-08-20 | CVE-2018-1000222 | Double Free vulnerability in multiple products: Libgd version 2.2.5 contains a Double Free vulnerability in the gdImageBmpPtr function that can result in Remote Code Execution. | 8.8 |
2018-08-20 | CVE-2018-1000216 | Double Free vulnerability in Cjson Project Cjson: Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double Free vulnerability in the cJSON library that can result in a possible crash or RCE. | 8.8 |