Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-20 | CVE-2017-18280 | Unspecified vulnerability in Qualcomm products In Snapdragon (Automobile, Mobile, Wear) in version MDM9607, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDM429, SDM439, SDM632, Snapdragon_High_Med_2016, when a Trusted Application has opened the SPI/I2C interface to a particular device, it is possible for another Trusted Application to read the data on this open interface by calling the SPI/I2C read function. | 7.8 |
| 2018-09-19 | CVE-2018-17231 | Reachable Assertion vulnerability in Telegram Desktop 1.3.14 Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause a denial of service (assertion failure and application exit) via an "Edit color palette" search that triggers an "index out of range" condition. | 7.5 |
| 2018-09-19 | CVE-2018-3831 | Information Exposure vulnerability in Elastic Elasticsearch Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. | 8.8 |
| 2018-09-19 | CVE-2018-3828 | Information Exposure Through Log Files vulnerability in Elastic Cloud Enterprise Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure vulnerability. | 7.5 |
| 2018-09-19 | CVE-2018-3827 | Information Exposure Through Log Files vulnerability in Elastic Azure Repository A sensitive data disclosure flaw was found in the Elasticsearch repository-azure (formerly elasticsearch-cloud-azure) plugin. | 8.1 |
| 2018-09-19 | CVE-2017-2876 | Classic Buffer Overflow vulnerability in Foscam C1 Firmware 2.52.2.43 An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. | 7.5 |
| 2018-09-19 | CVE-2017-2873 | OS Command Injection vulnerability in Foscam C1 Firmware 2.52.2.43 An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. | 7.2 |
| 2018-09-19 | CVE-2018-17208 | OS Command Injection vulnerability in Linksys Velop Firmware 1.1.2.187020 Linksys Velop 1.1.2.187020 devices allow unauthenticated command injection, providing an attacker with full root access, via cgi-bin/zbtest.cgi or cgi-bin/zbtest2.cgi (scripts that can be discovered with binwalk on the firmware, but are not visible in the web interface). | 8.8 |
| 2018-09-19 | CVE-2018-17205 | Reachable Assertion vulnerability in multiple products An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. | 7.5 |
| 2018-09-19 | CVE-2017-2878 | Classic Buffer Overflow vulnerability in Foscam C1 Firmware 2.52.2.43 An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. | 7.5 |