Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-08-02 | CVE-2017-16349 | XXE vulnerability in SAP Business Planning and Consolidation An exploitable XML external entity vulnerability exists in the reporting functionality of SAP BPC. | 8.1 |
2018-08-02 | CVE-2018-10921 | Integer Overflow or Wraparound vulnerability in Ttembed Project Ttembed Certain input files may trigger an integer overflow in ttembed input file processing. | 7.5 |
2018-08-02 | CVE-2017-9118 | Out-of-bounds Read vulnerability in multiple products PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a crafted preg_replace call. | 7.5 |
2018-08-02 | CVE-2018-1336 | Infinite Loop vulnerability in multiple products An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. | 7.5 |
2018-08-01 | CVE-2018-3939 | Use After Free vulnerability in Foxitsoftware Foxit Reader An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's PDF Reader, version 9.1.0.5096. | 8.8 |
2018-08-01 | CVE-2018-3924 | Use After Free vulnerability in Foxitsoftware Foxit Reader An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.5096. | 7.8 |
2018-08-01 | CVE-2018-12468 | Unrestricted Upload of File with Dangerous Type vulnerability in Microfocus Groupwise 18/18.0.1 A vulnerability in the administration console of Micro Focus GroupWise prior to version 18.0.2 may allow a remote attacker authenticated as an administrator to upload files to an arbitrary path on the server. | 7.2 |
2018-08-01 | CVE-2018-0413 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Identity Services Engine Software A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
2018-08-01 | CVE-2018-3847 | Out-of-bounds Write vulnerability in Nasa Cfitsio 3.42 Multiple exploitable buffer overflow vulnerabilities exist in image parsing functionality of the CFITSIO library version 3.42. | 8.8 |
2018-08-01 | CVE-2018-8034 | Improper Certificate Validation vulnerability in multiple products The host name verification when using TLS with the WebSocket client was missing. | 7.5 |