Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-20 | CVE-2018-1000646 | Unrestricted Upload of File with Dangerous Type vulnerability in Librehealth EHR 2.0.0 LibreHealthIO LH-EHR version REL-2.0.0 contains an Authenticated Unrestricted File Write vulnerability in Import template that can result in write files with malicious content and may lead to remote code execution. | 8.8 |
| 2018-08-20 | CVE-2018-1000637 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products zutils version prior to version 1.8-pre2 contains a Buffer Overflow vulnerability in zcat that can result in Potential denial of service or arbitrary code execution. | 7.8 |
| 2018-08-20 | CVE-2018-1000634 | Improper Privilege Management vulnerability in Openmicroscopy Omero The Open Microscopy Environment OMERO.server version 5.4.0 to 5.4.6 contains an Improper Access Control vulnerability in User management that can result in administrative user with privilege restrictions logging in as a more powerful administrator. | 7.2 |
| 2018-08-20 | CVE-2018-1000633 | Information Exposure vulnerability in Openmicroscopy Omero The Open Microscopy Environment OMERO.web version prior to 5.4.7 contains an Information Exposure Through Log Files vulnerability in the login form and change password form that can result in User's password being revealed. | 7.2 |
| 2018-08-20 | CVE-2018-1000632 | XML Injection (aka Blind XPath Injection) vulnerability in multiple products dom4j version prior to version 2.1.1 contains a CWE-91: XML Injection vulnerability in Class: Element. | 7.5 |
| 2018-08-20 | CVE-2018-5243 | Resource Exhaustion vulnerability in Symantec Encryption Management Server The Symantec Encryption Management Server (SEMS) product, prior to version 3.4.2 MP1, may be susceptible to a denial of service (DoS) exploit. | 7.5 |
| 2018-08-20 | CVE-2011-2765 | Link Following vulnerability in Pyro Project Pyro pyro before 3.15 unsafely handles pid files in temporary directory locations and opening the pid file as root. | 7.5 |
| 2018-08-20 | CVE-2018-15573 | Unrestricted Upload of File with Dangerous Type vulnerability in Reprisesoftware Reprise License Manager An issue was discovered in Reprise License Manager (RLM) through 12.2BL2. | 8.8 |
| 2018-08-20 | CVE-2018-15568 | Cross-Site Request Forgery (CSRF) vulnerability in Tp5Cms Project Tp5Cms 20170315/20170525 tp5cms through 2017-05-25 has CSRF via admin.php/category/delete.html. | 8.8 |
| 2018-08-20 | CVE-2018-15565 | Cross-Site Request Forgery (CSRF) vulnerability in Simple-Cms Project Simple CMS 20140311 An issue was discovered in daveismyname simple-cms through 2014-03-11. | 8.8 |