Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-08 | CVE-2018-1000807 | Use After Free vulnerability in multiple products Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains a CWE-416: Use After Free vulnerability in X509 object handling that can result in Use after free can lead to possible denial of service or remote code execution.. | 8.1 |
| 2018-10-08 | CVE-2018-1000805 | Incorrect Authorization vulnerability in multiple products Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains a Incorrect Access Control vulnerability in SSH server that can result in RCE. | 8.8 |
| 2018-10-08 | CVE-2018-14810 | Out-of-bounds Write vulnerability in We-Con PI Studio and PI Studio HMI WECON Technology Co., Ltd. | 8.8 |
| 2018-10-07 | CVE-2018-18021 | Improper Input Validation vulnerability in multiple products arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on the arm64 platform mishandles the KVM_SET_ON_REG ioctl. | 7.1 |
| 2018-10-05 | CVE-2018-15763 | Information Exposure Through Log Files vulnerability in Pivotal Software Pivotal Container Service Pivotal Container Service, versions prior to 1.2.0, contains an information disclosure vulnerability which exposes IaaS credentials to application logs. | 8.8 |
| 2018-10-05 | CVE-2018-11083 | Unspecified vulnerability in Cloud Foundry Bosh Cloud Foundry BOSH, versions v264 prior to v264.14.0 and v265 prior to v265.7.0 and v266 prior to v266.8.0 and v267 prior to v267.2.0, allows refresh tokens to be as access tokens when using UAA for authentication. | 8.1 |
| 2018-10-05 | CVE-2018-11081 | Unspecified vulnerability in Pivotal Software Operations Manager Pivotal Operations Manager, versions 2.2.x prior to 2.2.1, 2.1.x prior to 2.1.11, 2.0.x prior to 2.0.16, and 1.11.x prior to 2, fails to write the Operations Manager UAA config onto the temp RAM disk, thus exposing the configs directly onto disk. | 8.8 |
| 2018-10-05 | CVE-2018-11064 | Incorrect Permission Assignment for Critical Resource vulnerability in Dell products Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA OE versions 4.3.0.x and 4.3.1.x contains an Incorrect File Permissions vulnerability. | 7.8 |
| 2018-10-05 | CVE-2018-11778 | Out-of-bounds Write vulnerability in Apache Ranger UnixAuthenticationService in Apache Ranger 1.2.0 was updated to correctly handle user input to avoid Stack-based buffer overflow. | 8.8 |
| 2018-10-05 | CVE-2018-0405 | Path Traversal vulnerability in Cisco Rv180W Firmware and Rv220W Firmware A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router and Small Business RV Series RV220W Wireless Network Security Firewall could allow an unauthenticated, remote attacker to conduct a directory path traversal attack on a targeted device. | 7.5 |