Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-21 | CVE-2018-14732 | Improper Input Validation vulnerability in Webpack.Js Webpack-Dev-Server An issue was discovered in lib/Server.js in webpack-dev-server before 3.1.6. | 7.5 |
| 2018-09-21 | CVE-2018-14731 | Information Exposure vulnerability in Parceljs Parcel An issue was discovered in HMRServer.js in Parcel parcel-bundler. | 7.5 |
| 2018-09-21 | CVE-2018-14730 | Information Exposure vulnerability in Browserify-Hot Module Replacement Project Browserify-Hot Module Replacement An issue was discovered in Browserify-HMR. | 7.5 |
| 2018-09-21 | CVE-2018-12511 | Integer Overflow or Wraparound vulnerability in Substratum In the mintToken function of a smart contract implementation for Substratum (SUB), an Ethereum ERC20 token, the administrator can control mintedAmount, leverage an integer overflow, and modify a user account's balance arbitrarily. | 7.5 |
| 2018-09-21 | CVE-2018-16793 | Server-Side Request Forgery (SSRF) vulnerability in Microsoft Exchange Server 2010 Rollup 18 for Microsoft Exchange Server 2010 SP3 and previous versions has an SSRF vulnerability via the username parameter in /owa/auth/logon.aspx in the OWA (Outlook Web Access) login page. | 8.6 |
| 2018-09-21 | CVE-2018-3915 | Out-of-bounds Write vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. | 8.2 |
| 2018-09-21 | CVE-2018-3914 | Out-of-bounds Write vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. | 7.8 |
| 2018-09-21 | CVE-2018-3906 | Out-of-bounds Write vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable stack-based buffer overflow vulnerability exists in the retrieval of a database field in video-core's HTTP server of Samsung SmartThings Hub. | 8.2 |
| 2018-09-21 | CVE-2018-3894 | Classic Buffer Overflow vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. | 8.8 |
| 2018-09-21 | CVE-2018-16784 | XML Injection (aka Blind XPath Injection) vulnerability in Dedecms 5.7 DedeCMS 5.7 SP2 allows XML injection, and resultant remote code execution, via a "<file type='file' name='../" substring. | 7.2 |