Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-09-04 CVE-2018-0674 Code Injection vulnerability in Hibara Attachecase
AttacheCase ver.2.8.4.0 and earlier allows an arbitrary script execution via unspecified vectors.
local
low complexity
hibara CWE-94
7.8
7.8
2018-09-04 CVE-2018-0656 Untrusted Search Path vulnerability in Sony Digital Paper APP 1.4.0.16050
Untrusted search path vulnerability in The installer of Digital Paper App version 1.4.0.16050 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
sony CWE-426
7.8
7.8
2018-09-04 CVE-2018-0646 Path Traversal vulnerability in Ponsoftware Explzh
Directory traversal vulnerability in Explzh v.7.58 and earlier allows an attacker to read arbitrary files via unspecified vectors.
local
low complexity
ponsoftware CWE-22
7.8
7.8
2018-09-04 CVE-2018-16448 Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.0
Cscms 4 allows CSRF for creating a member via upload/admin.php/user/save, authenticating vip members via upload/admin.php/user/init/tid and upload/admin.php/user/init/rzid, and creating a super administrator and web editor via upload/admin.php/sys/save.
network
low complexity
chshcms CWE-352
8.8
8.8
2018-09-04 CVE-2018-16447 Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5
Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF.
network
low complexity
frogcms-project CWE-352
8.8
8.8
2018-09-04 CVE-2018-16446 Path Traversal vulnerability in Seamcms Seacms
An issue was discovered in SeaCMS through 6.61.
network
low complexity
seamcms CWE-22
7.5
7.5
2018-09-04 CVE-2018-16438 Out-of-bounds Read vulnerability in Hdfgroup Hdf5 1.8.20
An issue was discovered in the HDF HDF5 1.8.20 library.
network
low complexity
hdfgroup CWE-125
8.8
8.8
2018-09-04 CVE-2018-16431 Cross-Site Request Forgery (CSRF) vulnerability in Yfcmf 3.0
admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an administrator account.
network
low complexity
yfcmf CWE-352
8.8
8.8
2018-09-04 CVE-2018-16430 Out-of-bounds Read vulnerability in multiple products
GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c.
network
low complexity
gnu debian CWE-125
8.8
8.8
2018-09-04 CVE-2018-16429 Out-of-bounds Read vulnerability in multiple products
GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str().
network
low complexity
gnome canonical CWE-125
7.5
7.5