Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-16 | CVE-2018-10114 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gegl An issue was discovered in GEGL through 0.3.32. | 8.8 |
| 2018-04-16 | CVE-2018-10113 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gegl Generic Graphics Library An issue was discovered in GEGL through 0.3.32. | 7.5 |
| 2018-04-16 | CVE-2018-10112 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gegl An issue was discovered in GEGL through 0.3.32. | 8.8 |
| 2018-04-16 | CVE-2018-10111 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gegl An issue was discovered in GEGL through 0.3.32. | 7.5 |
| 2018-04-16 | CVE-2014-2069 | Path Traversal vulnerability in Eshtery.She7Ata Eshtery CMS Absolute path traversal vulnerability in Eshtery CMS allows remote attackers to read arbitrary files via a full pathname in the file parameter to FileManager.aspx. | 7.5 |
| 2018-04-13 | CVE-2017-0367 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Mediawiki before 1.28.1 / 1.27.2 contains an unsafe use of temporary directory, where having LocalisationCache directory default to system tmp directory is insecure. | 8.8 |
| 2018-04-13 | CVE-2017-0362 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where the "Mark all pages visited" on the watchlist does not require a CSRF token. | 8.8 |
| 2018-04-13 | CVE-2017-0361 | Information Exposure vulnerability in multiple products Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains an information disclosure flaw, where the api.log might contain passwords in plaintext. | 7.8 |
| 2018-04-13 | CVE-2017-0358 | Improper Privilege Management vulnerability in multiple products Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. | 7.8 |
| 2018-04-13 | CVE-2018-5511 | Unsafe Reflection vulnerability in multiple products On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated administrative users execute commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced. | 7.2 |