Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-04 | CVE-2018-10748 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in D-Link Dsl-3782 Firmware 1.01 An issue was discovered on D-Link DSL-3782 EU 1.01 devices. | 8.8 |
| 2018-05-04 | CVE-2018-10747 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in D-Link Dsl-3782 Firmware 1.01 An issue was discovered on D-Link DSL-3782 EU 1.01 devices. | 8.8 |
| 2018-05-04 | CVE-2018-10746 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in D-Link Dsl-3782 Firmware 1.01 An issue was discovered on D-Link DSL-3782 EU 1.01 devices. | 8.8 |
| 2018-05-04 | CVE-2018-9063 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Lenovo System Update MapDrv (C:\Program Files\Lenovo\System Update\mapdrv.exe) In Lenovo System Update versions earlier than 5.07.0072 contains a local vulnerability where an attacker entering very large user ID or password can overrun the program's buffer, causing undefined behaviors, such as execution of arbitrary code. | 7.8 |
| 2018-05-04 | CVE-2018-8872 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Schneider-Electric Triconex Tricon MP 3008 Firmware 10.0/10.4 In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, system calls read directly from memory addresses within the control program area without any verification. | 8.1 |
| 2018-05-04 | CVE-2018-8861 | Unspecified vulnerability in Philips products Vulnerabilities within the Philips Brilliance CT kiosk environment (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brillance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior) could enable a limited-access kiosk user or an unauthorized attacker to break-out from the containment of the kiosk environment, attain elevated privileges from the underlying Windows OS, and access unauthorized resources from the operating system. | 8.7 |
| 2018-05-04 | CVE-2018-8857 | Use of Hard-coded Credentials vulnerability in Philips products Philips Brilliance CT software (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brillance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior) contains fixed credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 7.8 |
| 2018-05-04 | CVE-2018-8853 | Improper Privilege Management vulnerability in Philips products Philips Brilliance CT devices operate user functions from within a contained kiosk in a Microsoft Windows operating system. | 8.8 |
| 2018-05-04 | CVE-2018-10641 | Improper Authentication vulnerability in Dlink Dir-601 Firmware 1.02Na D-Link DIR-601 A1 1.02NA devices do not require the old password for a password change, which occurs in cleartext. | 8.1 |
| 2018-05-04 | CVE-2018-10722 | Link Following vulnerability in Cylance Cylanceprotect In Cylance CylancePROTECT before 1470, an unprivileged local user can obtain SYSTEM privileges because users have Modify access to the %PROGRAMFILES%\Cylance\Desktop\log folder, the CyUpdate process grants users Modify access to new files created in this folder, and a new file can be a symlink chain to a pathname of an arbitrary DLL that CyUpdate uses. | 7.8 |