Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-02 CVE-2018-1212 Command Injection vulnerability in Dell Idrac6 Modular and Idrac6 Monolithic
The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and Modular all versions) contains a command injection vulnerability.
network
low complexity
dell CWE-77
8.8
8.8
2018-07-02 CVE-2018-10843 Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openshift Container Platform
source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vulnerable to a privilege escalation which allows the assemble script to run as the root user in a non-privileged container.
network
low complexity
redhat CWE-732
8.8
8.8
2018-07-02 CVE-2018-9276 OS Command Injection vulnerability in Paessler Prtg Network Monitor
An issue was discovered in PRTG Network Monitor before 18.2.39.
network
low complexity
paessler CWE-78
7.2
7.2
2018-07-02 CVE-2018-12577 OS Command Injection vulnerability in Tp-Link Tl-Wr841N Firmware 0.9.14.16
The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection.
network
low complexity
tp-link CWE-78
8.8
8.8
2018-07-02 CVE-2018-12574 Cross-Site Request Forgery (CSRF) vulnerability in Tp-Link Tl-Wr841N Firmware 0.9.14.16
CSRF exists for all actions in the web interface on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices.
network
low complexity
tp-link CWE-352
8.8
8.8
2018-07-02 CVE-2018-12529 Cross-Site Request Forgery (CSRF) vulnerability in Intex N150 Firmware
An issue was discovered on Intex N150 devices.
network
low complexity
intex CWE-352
8.8
8.8
2018-07-02 CVE-2018-12528 Unrestricted Upload of File with Dangerous Type vulnerability in Intex N150 Firmware
An issue was discovered on Intex N150 devices.
network
low complexity
intex CWE-434
8.1
8.1
2018-07-02 CVE-2018-12499 Improper Certificate Validation vulnerability in Motorola Mbp853 Firmware
The Motorola MBP853 firmware does not correctly validate server certificates.
network
high complexity
motorola CWE-295
7.4
7.4
2018-07-02 CVE-2018-13056 Improper Input Validation vulnerability in Zzcms 8.3
An issue was discovered on zzcms 8.3.
network
low complexity
zzcms CWE-20
7.5
7.5
2018-07-02 CVE-2018-13054 Link Following vulnerability in multiple products
An issue was discovered in Cinnamon 1.9.2 through 3.8.6.
network
low complexity
debian linuxmint CWE-59
8.1
8.1