Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-12 | CVE-2018-0963 | Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016 An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. | 7.8 |
| 2018-04-12 | CVE-2018-0956 | Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016 A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. | 7.5 |
| 2018-04-12 | CVE-2018-0920 | Unspecified vulnerability in Microsoft Excel 2010 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel. | 7.8 |
| 2018-04-12 | CVE-2018-0870 | Out-of-bounds Write vulnerability in Microsoft Internet Explorer 11 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. | 7.5 |
| 2018-04-11 | CVE-2018-3888 | Out-of-bounds Write vulnerability in Pl32 Photoline 20.53 A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53. | 7.8 |
| 2018-04-11 | CVE-2018-3887 | Out-of-bounds Write vulnerability in Pl32 Photoline 20.53 A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53. | 7.8 |
| 2018-04-11 | CVE-2018-3886 | Out-of-bounds Write vulnerability in Pl32 Photoline 20.53 A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53. | 7.8 |
| 2018-04-11 | CVE-2018-10054 | Improper Input Validation vulnerability in multiple products H2 1.4.197, as used in Datomic before 0.9.5697 and other products, allows remote code execution because CREATE ALIAS can execute arbitrary Java code. | 8.8 |
| 2018-04-11 | CVE-2018-10050 | SQL Injection vulnerability in Iscripts Eswap 2.4 iScripts eSwap v2.4 has SQL injection via the "registration_settings.php" ddlFree parameter in the Admin Panel. | 7.2 |
| 2018-04-11 | CVE-2018-10048 | Cross-Site Request Forgery (CSRF) vulnerability in Iscripts Eswap 2.4 iScripts eSwap v2.4 has CSRF via "registration_settings.php" in the Admin Panel. | 8.8 |