Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-13 CVE-2018-14033 Out-of-bounds Read vulnerability in Hdfgroup Hdf5 1.8.20
An issue was discovered in the HDF HDF5 1.8.20 library.
network
low complexity
hdfgroup CWE-125
8.8
2018-07-13 CVE-2018-14031 Out-of-bounds Read vulnerability in Hdfgroup Hdf5 1.8.20
An issue was discovered in the HDF HDF5 1.8.20 library.
network
low complexity
hdfgroup CWE-125
8.8
2018-07-13 CVE-2018-14029 Cross-Site Request Forgery (CSRF) vulnerability in Creatiwity Witycms 0.6.2
CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allows an attacker to take over a user account, as demonstrated by modifying the account's email field.
network
low complexity
creatiwity CWE-352
8.8
2018-07-12 CVE-2018-14014 Cross-Site Request Forgery (CSRF) vulnerability in Super CMS Project Super CMS 20150505
In waimai Super Cms 20150505, there is a CSRF vulnerability that can add an admin account via admin.php?m=Member&a=adminadd.
network
low complexity
super-cms-project CWE-352
8.8
2018-07-12 CVE-2018-5529 Unspecified vulnerability in F5 Big-Ip Access Policy Manager and Big-Ip Edge
The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host.
local
low complexity
f5
7.8
2018-07-12 CVE-2018-12980 Unrestricted Upload of File with Dangerous Type vulnerability in Wago products
An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02.
network
low complexity
wago CWE-434
8.8
2018-07-12 CVE-2017-14709 Improper Certificate Validation vulnerability in Komoot
The komoot GmbH "Komoot - Cycling & Hiking Maps" app before 9.3.2 -- aka komoot-cycling-hiking-maps/id447374873 -- for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
network
high complexity
komoot CWE-295
7.4
2018-07-12 CVE-2018-14006 Integer Overflow or Wraparound vulnerability in Ngtoken Project Ngtoken
An integer overflow vulnerability exists in the function multipleTransfer of Neo Genesis Token (NGT), an Ethereum token smart contract.
network
low complexity
ngtoken-project CWE-190
7.5
2018-07-12 CVE-2018-14005 Integer Overflow or Wraparound vulnerability in Malaysiancoin Project Malaysiancoin
An integer overflow vulnerability exists in the function transferAny of Malaysia coins (Xmc), an Ethereum token smart contract.
network
low complexity
malaysiancoin-project CWE-190
7.5
2018-07-12 CVE-2018-14004 Integer Overflow or Wraparound vulnerability in Globecoin Project Globecoin
An integer overflow vulnerability exists in the function transfer_tokens_after_ICO of GlobeCoin (GLB), an Ethereum token smart contract.
network
low complexity
globecoin-project CWE-190
7.5