Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-05-22 CVE-2018-6493 SQL Injection vulnerability in HP products
SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50.
network
low complexity
hp CWE-89
8.8
8.8
2018-05-22 CVE-2018-11378 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Radare Radare2 2.5.0
The wasm_dis() function in libr/asm/arch/wasm/wasm.c in or possibly have unspecified other impact via a crafted WASM file.
local
low complexity
radare CWE-119
7.8
7.8
2018-05-22 CVE-2017-2617 Unrestricted Upload of File with Dangerous Type vulnerability in Hawt.Io Hawtio
hawtio before version 1.5.5 is vulnerable to remote code execution via file upload.
local
low complexity
hawt-io CWE-434
7.8
7.8
2018-05-22 CVE-2016-8656 Permissions, Privileges, and Access Controls vulnerability in Redhat Jboss Enterprise Application Platform
Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in the jboss init script which could result in local privilege escalation.
local
low complexity
redhat CWE-264
7.8
7.8
2018-05-22 CVE-2018-11371 Cross-Site Request Forgery (CSRF) vulnerability in Skycaiji 1.2
SkyCaiji 1.2 allows CSRF to add an Administrator user.
network
low complexity
skycaiji CWE-352
8.8
8.8
2018-05-22 CVE-2018-11323 Improper Privilege Management vulnerability in Joomla Joomla!
An issue was discovered in Joomla! Core before 3.8.8.
network
low complexity
joomla CWE-269
8.8
8.8
2018-05-22 CVE-2018-11322 Unrestricted Upload of File with Dangerous Type vulnerability in Joomla Joomla!
An issue was discovered in Joomla! Core before 3.8.8.
network
high complexity
joomla CWE-434
7.5
7.5
2018-05-22 CVE-2018-6962 Unspecified vulnerability in VMWare Fusion
VMware Fusion (10.x before 10.1.2) contains a signature bypass vulnerability which may lead to a local privilege escalation.
local
low complexity
vmware
7.8
7.8
2018-05-22 CVE-2018-11367 Improper Input Validation vulnerability in Cppcms
An issue was discovered in CppCMS before 1.2.1.
network
low complexity
cppcms CWE-20
7.5
7.5
2018-05-22 CVE-2018-11329 Unspecified vulnerability in Ethercartel Ether Cartel 20180518
The DrugDealer function of a smart contract implementation for Ether Cartel, an Ethereum game, allows attackers to take over the contract's ownership, aka ceoAnyone.
network
low complexity
ethercartel
7.5
7.5