Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-10 CVE-2018-2433 Unspecified vulnerability in SAP Kernel
SAP Gateway (SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49 and 7.53) allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.
network
low complexity
sap
7.5
7.5
2018-07-10 CVE-2018-2427 Code Injection vulnerability in SAP products
SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, and SAP Crystal Reports (version for Visual Studio .NET, Version 2010) allows an attacker to inject code that can be executed by the application.
network
low complexity
sap CWE-94
8.8
8.8
2018-07-10 CVE-2018-13848 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Axiosys Bento4 1.5.1624
An issue has been found in Bento4 1.5.1-624.
network
low complexity
axiosys CWE-119
7.5
7.5
2018-07-10 CVE-2018-13847 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Axiosys Bento4 1.5.1624
An issue has been found in Bento4 1.5.1-624.
network
low complexity
axiosys CWE-119
7.5
7.5
2018-07-10 CVE-2018-13844 Memory Leak vulnerability in Htslib 1.8
An issue has been found in HTSlib 1.8.
network
low complexity
htslib CWE-401
7.5
7.5
2018-07-10 CVE-2018-13843 Missing Release of Resource after Effective Lifetime vulnerability in Htslib 1.8
An issue has been found in HTSlib 1.8.
network
low complexity
htslib CWE-772
7.5
7.5
2018-07-10 CVE-2018-12461 Improper Certificate Validation vulnerability in Netiq Edirectory 9.1.1
Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking certificate revocation.
network
low complexity
netiq CWE-295
7.5
7.5
2018-07-10 CVE-2018-10891 Unspecified vulnerability in Moodle
A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, 3.1.13.
network
low complexity
moodle
7.3
7.3
2018-07-10 CVE-2018-1331 Unspecified vulnerability in Apache Storm
In Apache Storm 0.10.0 through 0.10.2, 1.0.0 through 1.0.6, 1.1.0 through 1.1.2, and 1.2.0 through 1.2.1, an attacker with access to a secure storm cluster in some cases could execute arbitrary code as a different user.
network
low complexity
apache
8.8
8.8
2018-07-10 CVE-2018-1566 Use of Externally-Controlled Format String vulnerability in IBM DB2
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to execute arbitrary code due to a format string error.
local
low complexity
ibm CWE-134
7.8
7.8