Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-10 | CVE-2018-16769 | Unspecified vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because libRuntime.so!llvm::InstructionCombiningPass::runOnFunction is mishandled. | 8.8 |
| 2018-09-10 | CVE-2018-16768 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in IR::FunctionValidationContext::end. | 8.8 |
| 2018-09-10 | CVE-2018-16767 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::popAndValidateOperand. | 8.8 |
| 2018-09-10 | CVE-2018-16766 | Always-Incorrect Control Flow Implementation vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because Errors::unreachable() is reached. | 8.8 |
| 2018-09-10 | CVE-2018-16765 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an unspecified "heap-buffer-overflow" condition in FunctionValidationContext::else_. | 8.8 |
| 2018-09-10 | CVE-2018-16764 | Out-of-bounds Read vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine In WAVM through 2018-07-26, a crafted file sent to the WebAssembly Virtual Machine may cause a denial of service (application crash) or possibly have unspecified other impact because of an IR::FunctionValidationContext::catch_all heap-based buffer over-read. | 8.8 |
| 2018-09-08 | CVE-2018-16733 | Improper Input Validation vulnerability in Ethereum GO Ethereum In Go Ethereum (aka geth) before 1.8.14, TraceChain in eth/api_tracer.go does not verify that the end block is after the start block. | 7.5 |
| 2018-09-08 | CVE-2018-16732 | Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.1 \upload\plugins\sys\admin\Setting.php in CScms 4.1 allows CSRF via admin.php/setting/ftp_save. | 8.8 |
| 2018-09-08 | CVE-2018-16715 | Incorrect Permission Assignment for Critical Resource vulnerability in Absolute Ctes Windows Agent 1.0.0.1479 An issue was discovered in Absolute Software CTES Windows Agent through 1.0.0.1479. | 8.8 |
| 2018-09-07 | CVE-2018-16454 | Improper Input Validation vulnerability in Currency Converter Script Project Currency Converter Script 2.0.5 PHP Scripts Mall Currency Converter Script 2.0.5 allows remote attackers to cause a denial of service (web-interface change) via an inverted comma. | 7.5 |