Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2018-04-16 | CVE-2018-10070 | Resource Exhaustion vulnerability in MikroTik Router Firmware 6.41.4 | A vulnerability in MikroTik Version 6.41.4 could allow an unauthenticated remote attacker to exhaust all available CPU and all available RAM by sending a crafted FTP request on port 21 that begins with many '\0' characters, preventing the affected router from accepting new FTP connections. | 7.5 |
2018-04-16 | CVE-2017-6323 | XXE vulnerability in Symantec Management Console 7.6/8.0 | The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. | 8.0 |
2018-04-16 | CVE-2016-9094 | Improper Input Validation vulnerability in Symantec Endpoint Protection | Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality. | 7.8 |
2018-04-16 | CVE-2016-9093 | Improper Input Validation vulnerability in Symantec Endpoint Protection | A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. | 7.0 |
2018-04-16 | CVE-2018-10137 | Cross-Site Request Forgery (CSRF) vulnerability in iScripts UberforX 2.2 | iScripts UberforX 2.2 has CSRF in the "manage_settings" section of the Admin Panel via the /cms?section=manage_settings&action=edit URI. | 8.8 |
2018-04-16 | CVE-2017-10140 | Unspecified vulnerability in Postfix | Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DB_CONFIG in the current directory. | 7.8 |
2018-04-16 | CVE-2018-3849 | Out-of-bounds Write vulnerability in multiple products | In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. | 8.8 |
2018-04-16 | CVE-2018-3848 | Out-of-bounds Write vulnerability in multiple products | In the ffghbn function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. | 8.8 |
2018-04-16 | CVE-2018-3846 | Out-of-bounds Write vulnerability in multiple products | In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. | 8.8 |
2018-04-16 | CVE-2018-10132 | Cross-Site Request Forgery (CSRF) vulnerability in PbootCMS 0.9.8 | PbootCMS v0.9.8 has CSRF via an admin.php/Message/mod/id/19.html?backurl=/index.php request, resulting in PHP code injection in the recontent parameter. | 8.8 |