Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-09-13 CVE-2018-16796 Unrestricted Upload of File with Dangerous Type vulnerability in Hiscout GRC Suite 3.1.3.12
HiScout GRC Suite before 3.1.5 allows Unrestricted Upload of Files with Dangerous Types.
network
low complexity
hiscout CWE-434
8.8
8.8
2018-09-13 CVE-2018-16745 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mgetty Project Mgetty 1.1.28
An issue was discovered in mgetty before 1.2.1.
local
low complexity
mgetty-project CWE-119
7.8
7.8
2018-09-13 CVE-2018-16744 Unspecified vulnerability in Mgetty Project Mgetty 1.1.28
An issue was discovered in mgetty before 1.2.1.
local
low complexity
mgetty-project
7.8
7.8
2018-09-13 CVE-2018-16743 Out-of-bounds Write vulnerability in Mgetty Project Mgetty 1.1.28
An issue was discovered in mgetty before 1.2.1.
local
low complexity
mgetty-project CWE-787
7.8
7.8
2018-09-13 CVE-2018-16742 Out-of-bounds Write vulnerability in Mgetty Project Mgetty 1.1.28
An issue was discovered in mgetty before 1.2.1.
local
low complexity
mgetty-project CWE-787
7.8
7.8
2018-09-13 CVE-2018-16741 OS Command Injection vulnerability in multiple products
An issue was discovered in mgetty before 1.2.1.
local
low complexity
mgetty-project debian CWE-78
7.8
7.8
2018-09-13 CVE-2018-16987 Insufficiently Protected Credentials vulnerability in Squashtest Squash TM
Squash TM through 1.18.0 presents the cleartext passwords of external services in the administration panel, as demonstrated by a ta-server-password field in the HTML source code.
network
low complexity
squashtest CWE-522
7.2
7.2
2018-09-13 CVE-2018-5549 Improper Input Validation vulnerability in F5 Big-Ip Access Policy Manager
On BIG-IP APM 11.6.0-11.6.3.1, 12.1.0-12.1.3.3, 13.0.0, and 13.1.0-13.1.0.3, APMD may core when processing SAML Assertion or response containing certain elements.
network
low complexity
f5 CWE-20
7.5
7.5
2018-09-13 CVE-2018-5545 Improper Input Validation vulnerability in F5 Websafe Alert Server
On F5 WebSafe Alert Server 1.0.0-4.2.6, a malicious, authenticated user can execute code on the alert server by using a maliciously crafted payload.
network
low complexity
f5 CWE-20
8.8
8.8
2018-09-13 CVE-2018-16985 Out-of-bounds Read vulnerability in Lizard Project Lizard 2.0
In Lizard (formerly LZ5) 2.0, use of an invalid memory address was discovered in LZ5_compress_continue in lz5_compress.c, related to LZ5_compress_fastSmall and MEM_read32.
network
low complexity
lizard-project CWE-125
7.5
7.5