Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-02 | CVE-2018-10921 | Integer Overflow or Wraparound vulnerability in Ttembed Project Ttembed Certain input files may trigger an integer overflow in ttembed input file processing. | 7.5 |
| 2018-08-02 | CVE-2017-9118 | Out-of-bounds Read vulnerability in multiple products PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a crafted preg_replace call. | 7.5 |
| 2018-08-02 | CVE-2018-1336 | Infinite Loop vulnerability in multiple products An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. | 7.5 |
| 2018-08-01 | CVE-2018-3939 | Use After Free vulnerability in Foxitsoftware Foxit Reader An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. | 8.8 |
| 2018-08-01 | CVE-2018-3924 | Use After Free vulnerability in Foxitsoftware Foxit Reader An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.5096. | 7.8 |
| 2018-08-01 | CVE-2018-12468 | Unrestricted Upload of File with Dangerous Type vulnerability in Microfocus Groupwise 18/18.0.1 A vulnerability in the administration console of Micro Focus GroupWise prior to version 18.0.2 may allow a remote attacker authenticated as an administrator to upload files to an arbitrary path on the server. | 7.2 |
| 2018-08-01 | CVE-2018-0413 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Identity Services Engine Software A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-08-01 | CVE-2018-3847 | Out-of-bounds Write vulnerability in Nasa Cfitsio 3.42 Multiple exploitable buffer overflow vulnerabilities exist in image parsing functionality of the CFITSIO library version 3.42. | 8.8 |
| 2018-08-01 | CVE-2018-8034 | Improper Certificate Validation vulnerability in multiple products The host name verification when using TLS with the WebSocket client was missing. | 7.5 |
| 2018-08-01 | CVE-2018-1595 | Unspecified vulnerability in IBM Platform Symphony and Spectrum Symphony IBM Spectrum Symphony and Platform Symphony 7.1.2 and 7.2.0.2 could allow an authenticated user to execute arbitrary commands due to improper handling of user supplied input. | 8.8 |