Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-26 | CVE-2018-0594 | Untrusted Search Path vulnerability in Microsoft Skype Untrusted search path vulnerability in Skype for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2018-06-26 | CVE-2018-0593 | Untrusted Search Path vulnerability in Microsoft Onedrive Untrusted search path vulnerability in the installer of Microsoft OneDrive allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2018-06-26 | CVE-2018-0592 | Untrusted Search Path vulnerability in Microsoft Onedrive Untrusted search path vulnerability in Microsoft OneDrive allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2018-06-26 | CVE-2018-0584 | Information Exposure vulnerability in IIJ Smartkey 2.1.0 IIJ SmartKey App for Android version 2.1.0 and earlier allows remote attackers to bypass authentication [effect_of_bypassing_authentication] via unspecified vectors. | 7.5 |
| 2018-06-26 | CVE-2018-0572 | Unspecified vulnerability in Basercms baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to bypass access restriction to view or alter a restricted content via unspecified vectors. | 8.1 |
| 2018-06-26 | CVE-2018-0569 | OS Command Injection vulnerability in Basercms baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to execute arbitrary OS commands via unspecified vectors. | 8.8 |
| 2018-06-26 | CVE-2018-0563 | Untrusted Search Path vulnerability in Ntt-East products Untrusted search path vulnerability in the installer of FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.13.0 and earlier versions and FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool ver.13.0 and earlier versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2018-06-25 | CVE-2018-12603 | Cross-Site Request Forgery (CSRF) vulnerability in Lfdycms Lfcms 3.7.0 Cross-site request forgery (CSRF) vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the s parameter, a related issue to CVE-2018-12114. | 8.8 |
| 2018-06-25 | CVE-2018-12735 | Information Exposure vulnerability in Saj-Electric SAJ Solar Inverter SAJ Solar Inverter allows remote attackers to obtain potentially sensitive information via a direct request for the inverter_info.htm or english_main.htm URI. | 7.5 |
| 2018-06-25 | CVE-2018-12602 | Cross-Site Request Forgery (CSRF) vulnerability in Lfdycms Lfcms 3.7.0 A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily. | 8.8 |