Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-21 | CVE-2018-0300 | Path Traversal vulnerability in Cisco Fxos 2.0(1.68) A vulnerability in the process of uploading new application images to Cisco FXOS on the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker using path traversal techniques to create or overwrite arbitrary files on an affected device. | 7.2 |
| 2018-06-21 | CVE-2018-0298 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Firepower Extensible Operating System and Nx-Os A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. | 7.5 |
| 2018-06-20 | CVE-2018-0330 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the NX-API management application programming interface (API) in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges. | 8.8 |
| 2018-06-20 | CVE-2018-0307 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device. | 7.8 |
| 2018-06-20 | CVE-2018-0295 | Improper Input Validation vulnerability in Cisco Nx-Os A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. | 7.5 |
| 2018-06-20 | CVE-2018-0293 | OS Command Injection vulnerability in Cisco Nx-Os A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user. | 8.8 |
| 2018-06-20 | CVE-2018-0292 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os A vulnerability in the Internet Group Management Protocol (IGMP) Snooping feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code and gain full control of an affected system. | 8.8 |
| 2018-06-20 | CVE-2018-12604 | Information Exposure Through Log Files vulnerability in Njtech Greencms 2.3.0603 GreenCMS 2.3.0603 allows remote attackers to obtain sensitive information via a direct request for Data/Log/year_month_day.log. | 7.5 |
| 2018-06-20 | CVE-2018-5428 | Command Injection vulnerability in Tibco Data Virtualization 7.0.5/7.0.6 The version control adapters component of TIBCO Data Virtualization (formerly known as Cisco Information Server) contains vulnerabilities that may allow for arbitrary command execution. | 8.8 |
| 2018-06-20 | CVE-2018-12600 | Out-of-bounds Write vulnerability in multiple products In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file. | 8.8 |