Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-16 | CVE-2018-11209 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Zblogcn Z-Blogphp 2.0.0 An issue was discovered in Z-BlogPHP 2.0.0. | 7.2 |
| 2018-05-16 | CVE-2018-11206 | Out-of-bounds Read vulnerability in Hdfgroup Hdf5 1.10.2 An out of bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c in the HDF HDF5 1.10.2 library. | 8.1 |
| 2018-05-16 | CVE-2018-11205 | Out-of-bounds Read vulnerability in Hdfgroup Hdf5 1.10.2 A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the HDF HDF5 1.10.2 library. | 8.1 |
| 2018-05-16 | CVE-2018-10760 | Unrestricted Upload of File with Dangerous Type vulnerability in Projectpier Unrestricted file upload vulnerability in the Files plugin in ProjectPier 0.88 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in the tmp directory under the document root. | 8.8 |
| 2018-05-16 | CVE-2018-10240 | Insufficient Entropy vulnerability in Solarwinds Serv-U SolarWinds Serv-U MFT before 15.1.6 HFv1 assigns authenticated users a low-entropy session token that can be included in requests to the application as a URL parameter in lieu of a session cookie. | 7.3 |
| 2018-05-16 | CVE-2018-5231 | Unspecified vulnerability in Atlassian Jira The ForgotLoginDetails resource in Atlassian Jira before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4 and from version 7.9.0 before version 7.9.2 allows remote attackers to perform a denial of service attack via sending requests to it. | 7.5 |
| 2018-05-16 | CVE-2018-10738 | SQL Injection vulnerability in Nagios XI A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/menuaccess.php chbKey1 parameter. | 7.2 |
| 2018-05-16 | CVE-2018-10737 | SQL Injection vulnerability in Nagios XI A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/logbook.php txtSearch parameter. | 7.2 |
| 2018-05-16 | CVE-2018-10736 | SQL Injection vulnerability in Nagios XI A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/info.php key1 parameter. | 7.2 |
| 2018-05-16 | CVE-2018-10735 | SQL Injection vulnerability in Nagios XI A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/commandline.php cname parameter. | 7.2 |