Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-01 | CVE-2018-9232 | Improper Authentication vulnerability in Twsz Be126 Firmware Due to the lack of firmware authentication in the upgrade process of T&W WIFI Repeater BE126 devices, an attacker can craft a malicious firmware and use it as an update. | 7.8 |
| 2018-05-01 | CVE-2018-6589 | Unspecified vulnerability in CA Spectrum CA Spectrum 10.1 prior to 10.01.02.PTF_10.1.239 and 10.2.x prior to 10.2.3 allows remote attackers to cause a denial of service via unspecified vectors. | 7.5 |
| 2018-05-01 | CVE-2013-4035 | Cryptographic Issues vulnerability in IBM Sterling Connect IBM Sterling Connect:Direct for OpenVMS 3.4.00, 3.4.01, 3.5.00, 3.6.0, and 3.6.0.1 allow remote attackers to have unspecified impact by leveraging failure to reject client requests for an unencrypted session when used as the server in a TCP/IP session and configured for SSL encryption with the client. | 7.3 |
| 2018-05-01 | CVE-2018-10583 | Information Exposure vulnerability in multiple products An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document. | 7.5 |
| 2018-05-01 | CVE-2017-17020 | OS Command Injection vulnerability in Dlink products On D-Link DCS-5009 devices with firmware 1.08.11 and earlier, DCS-5010 devices with firmware 1.14.09 and earlier, and DCS-5020L devices with firmware before 1.15.01, command injection in alphapd (binary responsible for running the camera's web server) allows remote authenticated attackers to execute code through sanitized /setSystemAdmin user input in the AdminID field being passed directly to a call to system. | 8.8 |
| 2018-04-30 | CVE-2018-10576 | Improper Authentication vulnerability in Watchguard Ap100 Firmware, Ap102 Firmware and Ap200 Firmware An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15. | 7.8 |
| 2018-04-30 | CVE-2018-1102 | Unspecified vulnerability in Redhat Openshift A flaw was found in source-to-image function as shipped with Openshift Enterprise 3.x. | 8.8 |
| 2018-04-30 | CVE-2018-5234 | Unspecified vulnerability in Symantec Norton Core Firmware The Norton Core router prior to v237 may be susceptible to a command injection exploit. low complexity symantec | 8.0 |
| 2018-04-30 | CVE-2018-9310 | Unspecified vulnerability in Magnicomp Sysinfo 10H76/10H80/10H81 An issue was discovered in MagniComp SysInfo before 10-H82 if setuid root (the default). | 7.8 |
| 2018-04-30 | CVE-2018-10573 | Unspecified vulnerability in Open-Emr Openemr interface/fax/fax_dispatch.php in OpenEMR before 5.0.1 allows remote authenticated users to bypass intended access restrictions via the scan parameter. | 8.8 |