Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-02 | CVE-2018-10657 | Improper Input Validation vulnerability in Matrix Synapse Matrix Synapse before 0.28.1 is prone to a denial of service flaw where malicious events injected with depth = 2^63 - 1 render rooms unusable, related to federation/federation_base.py and handlers/message.py, as exploited in the wild in April 2018. | 7.5 |
| 2018-05-02 | CVE-2013-6272 | Improper Access Control vulnerability in Google Android The NotificationBroadcastReceiver class in the com.android.phone process in Google Android 4.1.1 through 4.4.2 allows attackers to bypass intended access restrictions and consequently make phone calls to arbitrary numbers, send mmi or ussd codes, or hangup ongoing calls via a crafted application. | 7.8 |
| 2018-05-02 | CVE-2017-4952 | Incorrect Permission Assignment for Critical Resource vulnerability in VMWare Xenon VMware Xenon 1.x, prior to 1.5.4-CR7_1, 1.5.7_7, 1.5.4-CR6_2, 1.3.7-CR1_2, 1.1.0-CR0-3, 1.1.0-CR3_1,1.4.2-CR4_1, and 1.5.4_8, contains an authentication bypass vulnerability due to insufficient access controls for utility endpoints. | 7.5 |
| 2018-05-02 | CVE-2018-5517 | Improper Input Validation vulnerability in F5 products On F5 BIG-IP 13.1.0-13.1.0.5, malformed TCP packets sent to a self IP address or a FastL4 virtual server may cause an interruption of service. | 7.5 |
| 2018-05-02 | CVE-2018-5514 | Improper Input Validation vulnerability in F5 products On F5 BIG-IP 13.1.0-13.1.0.5, maliciously crafted HTTP/2 request frames can lead to denial of service. | 7.5 |
| 2018-05-02 | CVE-2018-5512 | Unspecified vulnerability in F5 products On F5 BIG-IP 13.1.0-13.1.0.5, when Large Receive Offload (LRO) and SYN cookies are enabled (default settings), undisclosed traffic patterns may cause TMM to restart. | 7.5 |
| 2018-05-02 | CVE-2017-1255 | Inadequate Encryption Strength vulnerability in IBM Security Guardium IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
| 2018-05-02 | CVE-2018-10647 | Incorrect Permission Assignment for Critical Resource vulnerability in Safervpn 4.2.5 SaferVPN 4.2.5 for Windows suffers from a SYSTEM privilege escalation vulnerability in its "SaferVPN.Service" service. | 7.8 |
| 2018-05-02 | CVE-2018-10646 | Incorrect Permission Assignment for Critical Resource vulnerability in Cyberghostvpn Cyberghost 6.5.0.3180 CyberGhost 6.5.0.3180 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "CG6Service" service. | 7.8 |
| 2018-05-02 | CVE-2018-10645 | Incorrect Permission Assignment for Critical Resource vulnerability in Goldenfrog Vyprvpn 2.12.1.8015 Golden Frog VyprVPN 2.12.1.8015 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "VyprVPN" service. | 7.8 |