Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-08-06 CVE-2018-14960 Cross-Site Request Forgery (CSRF) vulnerability in Xiao5Ucompany Project Xiao5Ucompany 1.7
Xiao5uCompany 1.7 has CSRF via admin/Admin.asp.
network
low complexity
xiao5ucompany-project CWE-352
8.8
8.8
2018-08-06 CVE-2018-1551 Incorrect Permission Assignment for Critical Resource vulnerability in IBM Websphere MQ
IBM WebSphere MQ 8.0.0.2 through 8.0.0.8 and 9.0.0.0 through 9.0.0.3 could allow users to have more authority than they should have if an MQ administrator creates an invalid user group name.
network
high complexity
ibm CWE-732
7.5
7.5
2018-08-06 CVE-2017-1411 Insufficiently Protected Credentials vulnerability in IBM Security Identity Governance and Intelligence
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.
network
low complexity
ibm CWE-522
7.5
7.5
2018-08-06 CVE-2017-1396 Permission Issues vulnerability in IBM Security Identity Governance and Intelligence
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
network
low complexity
ibm CWE-275
8.1
8.1
2018-08-06 CVE-2017-1366 Inadequate Encryption Strength vulnerability in IBM Security Identity Governance and Intelligence
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.
network
low complexity
ibm CWE-326
7.5
7.5
2018-08-05 CVE-2018-14959 Cross-Site Request Forgery (CSRF) vulnerability in Weaselcms Project Weaselcms 0.3.5
An issue was discovered in WeaselCMS v0.3.5.
network
low complexity
weaselcms-project CWE-352
8.8
8.8
2018-08-05 CVE-2018-14958 Cross-Site Request Forgery (CSRF) vulnerability in Weaselcms Project Weaselcms 0.3.5
An issue was discovered in WeaselCMS v0.3.5.
network
low complexity
weaselcms-project CWE-352
8.8
8.8
2018-08-05 CVE-2018-14948 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sound Project Sound
An issue has been found in dilawar sound through 2017-11-27.
local
low complexity
sound-project CWE-119
7.8
7.8
2018-08-05 CVE-2018-14947 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Flowpaper Pdf2Json 0.69
An issue has been found in PDF2JSON 0.69.
network
low complexity
flowpaper CWE-119
8.8
8.8
2018-08-05 CVE-2018-14946 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Flowpaper Pdf2Json 0.69
An issue has been found in PDF2JSON 0.69.
network
low complexity
flowpaper CWE-119
8.8
8.8