Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-19 | CVE-2018-4925 | Out-of-bounds Read vulnerability in Adobe Digital Editions Adobe Digital Editions versions 4.5.7 and below have an exploitable Out-of-bounds read vulnerability. | 7.5 |
| 2018-05-19 | CVE-2018-4920 | Type Confusion vulnerability in Adobe Flash Player and Flash Player Desktop Runtime Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion vulnerability. | 8.8 |
| 2018-05-19 | CVE-2018-4919 | Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable use after free vulnerability. | 8.8 |
| 2018-05-19 | CVE-2018-4873 | Unquoted Search Path or Element vulnerability in Adobe Creative Cloud Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Unquoted Search Path vulnerability. | 7.8 |
| 2018-05-18 | CVE-2018-8867 | Improper Input Validation vulnerability in GE products In GE PACSystems RX3i CPE305/310 version 9.20 and prior, RX3i CPE330 version 9.21 and prior, RX3i CPE 400 version 9.30 and prior, PACSystems RSTi-EP CPE 100 all versions, and PACSystems CPU320/CRU320 RXi all versions, the device does not properly validate input, which could allow a remote attacker to send specially crafted packets causing the device to become unavailable. | 7.5 |
| 2018-05-18 | CVE-2018-6562 | Insufficient Verification of Data Authenticity vulnerability in Totemo Totemomail Encryption Gateway totemomail Encryption Gateway before 6.0_b567 allows remote attackers to obtain sensitive information about user sessions and encryption key material via a JSONP hijacking attack. | 7.5 |
| 2018-05-18 | CVE-2018-1000400 | Improper Privilege Management vulnerability in Kubernetes Cri-O Kubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error (CWE-270) vulnerability in the handling of ambient capabilities that can result in containers running with elevated privileges, allowing users abilities they should not have. | 8.8 |
| 2018-05-18 | CVE-2018-8015 | Uncontrolled Recursion vulnerability in Apache ORC In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser. | 7.5 |
| 2018-05-18 | CVE-2018-11243 | Double Free vulnerability in UPX Project UPX 3.95 PackLinuxElf64::unpack in p_lx_elf.cpp in UPX 3.95 allows remote attackers to cause a denial of service (double free), limit the ability of a malware scanner to operate on the entire original data, or possibly have unspecified other impact via a crafted file. | 7.8 |
| 2018-05-18 | CVE-2018-11237 | Out-of-bounds Write vulnerability in multiple products An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper. | 7.8 |