Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-05-22 CVE-2018-11322 Unrestricted Upload of File with Dangerous Type vulnerability in Joomla Joomla!
An issue was discovered in Joomla! Core before 3.8.8.
network
high complexity
joomla CWE-434
7.5
2018-05-22 CVE-2018-6962 Unspecified vulnerability in VMWare Fusion
VMware Fusion (10.x before 10.1.2) contains a signature bypass vulnerability which may lead to a local privilege escalation.
local
low complexity
vmware
7.8
2018-05-22 CVE-2018-11367 Improper Input Validation vulnerability in Cppcms
An issue was discovered in CppCMS before 1.2.1.
network
low complexity
cppcms CWE-20
7.5
2018-05-22 CVE-2018-11329 Unspecified vulnerability in Ethercartel Ether Cartel 20180518
The DrugDealer function of a smart contract implementation for Ether Cartel, an Ethereum game, allows attackers to take over the contract's ownership, aka ceoAnyone.
network
low complexity
ethercartel
7.5
2018-05-22 CVE-2018-11365 Infinite Loop vulnerability in Wizardmac Readstat 0.1.1
sas/readstat_sas7bcat_read.c in libreadstat.a in ReadStat 0.1.1 has an infinite loop.
network
low complexity
wizardmac CWE-835
7.5
2018-05-22 CVE-2018-11364 Missing Release of Resource after Effective Lifetime vulnerability in Wizardmac Readstat 0.1.1
sav_parse_machine_integer_info_record in spss/readstat_sav_read.c in libreadstat.a in ReadStat 0.1.1 has a memory leak related to an iconv_open call.
network
low complexity
wizardmac CWE-772
7.5
2018-05-22 CVE-2018-11363 Out-of-bounds Read vulnerability in Pdfgen
jpeg_size in pdfgen.c in PDFGen before 2018-04-09 has a heap-based buffer over-read.
network
low complexity
pdfgen CWE-125
7.5
2018-05-22 CVE-2018-11345 Unrestricted Upload of File with Dangerous Type vulnerability in Asustor As6202T Firmware Adm3.1.0.Rfq3
An unrestricted file upload vulnerability in upload.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to upload supplied data via the POST parameter filename.
network
low complexity
asustor CWE-434
8.8
2018-05-22 CVE-2018-11341 Path Traversal vulnerability in Asustor As6202T Firmware Adm3.1.0.Rfq3
Directory traversal in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to navigate the file system via the filename parameter.
network
low complexity
asustor CWE-22
7.2
2018-05-22 CVE-2018-11340 Unrestricted Upload of File with Dangerous Type vulnerability in Asustor As6202T Firmware Adm3.1.0.Rfq3
An unrestricted file upload vulnerability in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to upload supplied data to a specified filename.
network
low complexity
asustor CWE-434
7.2