Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-08-05 CVE-2018-14947 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Flowpaper Pdf2Json 0.69
An issue has been found in PDF2JSON 0.69.
network
low complexity
flowpaper CWE-119
8.8
8.8
2018-08-05 CVE-2018-14946 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Flowpaper Pdf2Json 0.69
An issue has been found in PDF2JSON 0.69.
network
low complexity
flowpaper CWE-119
8.8
8.8
2018-08-05 CVE-2018-14945 Out-of-bounds Write vulnerability in Jpeg Encoder Project Jpeg Encoder
An issue has been found in jpeg_encoder through 2015-11-27.
local
low complexity
jpeg-encoder-project CWE-787
7.8
7.8
2018-08-05 CVE-2018-14944 Out-of-bounds Write vulnerability in Jpeg Encoder Project Jpeg Encoder
An issue has been found in jpeg_encoder through 2015-11-27.
local
low complexity
jpeg-encoder-project CWE-787
7.8
7.8
2018-08-05 CVE-2018-14942 Path Traversal vulnerability in Harmonicinc NSG 9000 Firmware
Harmonic NSG 9000 devices allow remote authenticated users to conduct directory traversal attacks, as demonstrated by "POST /PY/EMULATION_GET_FILE" or "POST /PY/EMULATION_EXPORT" with FileName=../../../passwd in the POST data.
network
low complexity
harmonicinc CWE-22
8.8
8.8
2018-08-05 CVE-2018-14940 Resource Exhaustion vulnerability in PHPcms 9.0
PHPCMS 9 allows remote attackers to cause a denial of service (resource consumption) via large font_size, height, and width parameters in an api.php?op=checkcode request.
network
low complexity
phpcms CWE-400
7.5
7.5
2018-08-04 CVE-2018-14593 An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30.
network
low complexity
otrs debian
8.8
8.8
2018-08-04 CVE-2018-12483 OS Command Injection vulnerability in Ocsinventory-Ng Ocsinventory NG 2.4.1
OCS Inventory 2.4.1 is prone to a remote command-execution vulnerability.
network
low complexity
ocsinventory-ng CWE-78
8.8
8.8
2018-08-04 CVE-2018-12482 SQL Injection vulnerability in Ocsinventory-Ng Ocsinventory NG 2.4.1
OCS Inventory 2.4.1 contains multiple SQL injections in the search engine.
network
low complexity
ocsinventory-ng CWE-89
8.8
8.8
2018-08-03 CVE-2018-14928 Information Exposure vulnerability in Matera Banco 1.0.0
/contingency/servlet/ServletFileDownload executes as root and provides unauthenticated access to files via the file parameter.
network
low complexity
matera CWE-200
7.5
7.5