Vulnerabilities > High

DATE | CVE | VULNERABILITY TITLE | RISK

2018-07-18 | CVE-2018-2882 | Unspecified vulnerability in Oracle Micros Retail-J | 7.7
Vulnerability in the MICROS Retail-J component of Oracle Retail Applications (subcomponent: Interfaces).
network | low complexity | oracle

2018-07-18 | CVE-2018-10871 | Cleartext Storage of Sensitive Information vulnerability in multiple products | 7.2
389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information.
network | low complexity | fedoraproject debian | CWE-312

2018-07-18 | CVE-2018-14371 | Path Traversal vulnerability in Eclipse Mojarra | 7.5
The getLocalePrefix function in ResourceManager.java in Eclipse Mojarra before 2.3.7 is affected by Directory Traversal via the loc parameter.
network | low complexity | eclipse | CWE-22

2018-07-18 | CVE-2018-14379 | Incorrect Type Conversion or Cast vulnerability in Techsmith Mp4V2 2.0.0 | 8.8
MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a certain case where MP4DataAtom is required, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted MP4 file, because access to the data structure has different expectations about layout as a result of this type confusion.
network | low complexity | techsmith | CWE-704

2018-07-17 | CVE-2018-14363 | Path Traversal vulnerability in multiple products | 7.5
An issue was discovered in NeoMutt before 2018-07-16.
network | low complexity | debian neomutt | CWE-22

2018-07-17 | CVE-2018-14346 | Out-of-bounds Write vulnerability in multiple products | 8.8
GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c).
network | low complexity | debian gnu | CWE-787

2018-07-17 | CVE-2018-14345 | Insufficient Session Expiration vulnerability in Sddm Project Sddm | 7.5
An issue was discovered in SDDM through 0.17.0.
network | high complexity | sddm-project | CWE-613

2018-07-17 | CVE-2018-13860 | Information Exposure vulnerability in Trivum C4 Professional Firmware 8.76 | 7.5
MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 Professional before V9.34 build 13381 - 12.07.18 allows unauthorized remote attackers to obtain sensitive information via the "/xml/menu/getObjectEditor.xml" URL, using a "?oid=systemSetup&id=_0" or "?oid=systemUsers&id=_0" GET request.
network | low complexity | trivum | CWE-200

2018-07-17 | CVE-2018-14338 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Exiv2 0.26 | 8.1
samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms (other than Apple platforms) where glibc is not used, possibly leading to a buffer overflow.
network | high complexity | exiv2 | CWE-119

2018-07-17 | CVE-2018-13864 | Path Traversal vulnerability in Lightbend Play Framework | 7.5
A directory traversal vulnerability has been found in the Assets controller in Play Framework 2.6.12 through 2.6.15 (fixed in 2.6.16) when running on Windows.
network | low complexity | lightbend | CWE-22