Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-13 | CVE-2018-8269 | Unspecified vulnerability in Microsoft Microsoft.Data.Odata A denial of service vulnerability exists when OData Library improperly handles web requests, aka "OData Denial of Service Vulnerability." This affects Microsoft.Data.OData. | 7.5 |
| 2018-09-13 | CVE-2018-0965 | Improper Input Validation vulnerability in Microsoft Windows 10 and Windows Server 2016 A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. | 8.4 |
| 2018-09-12 | CVE-2018-16981 | Out-of-bounds Write vulnerability in multiple products stb stb_image.h 2.19, as used in catimg, Emscripten, and other products, has a heap-based buffer overflow in the stbi__out_gif_code function. | 8.8 |
| 2018-09-12 | CVE-2018-16976 | Race Condition vulnerability in Gitolite Gitolite before 3.6.9 does not (in certain configurations involving @all or a regex) properly restrict access to a Git repository that is in the process of being migrated until the full set of migration steps has been completed. | 8.1 |
| 2018-09-12 | CVE-2018-15610 | Path Traversal vulnerability in Avaya IP Office 10.0/10.1/9.1 A vulnerability in the one-X Portal component of Avaya IP Office allows an authenticated attacker to read and delete arbitrary files on the system. | 8.8 |
| 2018-09-12 | CVE-2018-16962 | Write-what-where Condition vulnerability in Webroot Secureanywhere Webroot SecureAnywhere before 9.0.8.34 on macOS mishandles access to the driver by a process that lacks root privileges. | 7.8 |
| 2018-09-12 | CVE-2018-3669 | Unspecified vulnerability in Intel Centrino Firmware A STOP error (BSoD) in the ibtfltcoex.sys driver for Intel Centrino Wireless N and Intel Centrino Advanced N adapters may allow an unauthenticated user to potentially send a malformed L2CAP Connection Request is sent to the Intel Bluetooth device via the network. | 7.5 |
| 2018-09-12 | CVE-2018-3655 | Unspecified vulnerability in Intel products A vulnerability in a subsystem in Intel CSME before version 11.21.55, Intel Server Platform Services before version 4.0 and Intel Trusted Execution Engine Firmware before version 3.1.55 may allow an unauthenticated user to potentially modify or disclose information via physical access. low complexity intel | 7.3 |
| 2018-09-12 | CVE-2018-3643 | Unspecified vulnerability in Intel products A vulnerability in Power Management Controller firmware in systems using specific Intel(R) Converged Security and Management Engine (CSME) before version 11.8.55, 11.11.55, 11.21.55, 12.0.6 or Intel(R) Server Platform Services firmware before version 4.x.04 may allow an attacker with administrative privileges to uncover certain platform secrets via local access or to potentially execute arbitrary code. | 8.2 |
| 2018-09-12 | CVE-2018-12176 | Improper Input Validation vulnerability in Intel products Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access. | 8.2 |