Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-09-07 | CVE-2018-0648 | Untrusted Search Path vulnerability in Chatwork 2.3.0 Untrusted search path vulnerability in installer of ChatWork Desktop App for Windows 2.3.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2018-09-07 | CVE-2018-0647 | Cross-Site Request Forgery (CSRF) vulnerability in Asus Wl-330Nul Firmware 3.0.0.41 Cross-site request forgery (CSRF) vulnerability in WL-330NUL Firmware version prior to 3.0.0.46 allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
| 2018-09-07 | CVE-2018-0624 | Untrusted Search Path vulnerability in Yayoi-Kk products Untrusted search path vulnerability in Multiple Yayoi 17 Series products (Yayoi Kaikei 17 Series Ver.23.1.1 and earlier, Yayoi Aoiro Shinkoku 17 Ver.23.1.1 and earlier, Yayoi Kyuuyo 17 Ver.20.1.4 and earlier, Yayoi Kyuuyo Keisan 17 Ver.20.1.4 and earlier, Yayoi Hanbai 17 Series Ver.20.0.2 and earlier, and Yayoi Kokyaku Kanri 17 Ver.11.0.2 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2018-09-07 | CVE-2018-0623 | Untrusted Search Path vulnerability in Yayoi-Kk products Untrusted search path vulnerability in Multiple Yayoi 17 Series products (Yayoi Kaikei 17 Series Ver.23.1.1 and earlier, Yayoi Aoiro Shinkoku 17 Ver.23.1.1 and earlier, Yayoi Kyuuyo 17 Ver.20.1.4 and earlier, Yayoi Kyuuyo Keisan 17 Ver.20.1.4 and earlier, Yayoi Hanbai 17 Series Ver. | 7.8 |
| 2018-09-07 | CVE-2018-16651 | Improper Neutralization of Formula Elements in a CSV File vulnerability in PHPmyfaq The admin backend in phpMyFAQ before 2.9.11 allows CSV injection in reports. | 7.2 |
| 2018-09-07 | CVE-2018-16650 | Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq phpMyFAQ before 2.9.11 allows CSRF. | 8.8 |
| 2018-09-06 | CVE-2018-15865 | Unspecified vulnerability in Pulsesecure Pulse Secure Desktop Client The Pulse Secure Desktop (macOS) has a Privilege Escalation Vulnerability. | 7.8 |
| 2018-09-06 | CVE-2018-5391 | Improper Input Validation vulnerability in multiple products The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. | 7.5 |
| 2018-09-06 | CVE-2018-1000669 | Cross-Site Request Forgery (CSRF) vulnerability in Koha KOHA Library System version 16.11.x (up until 16.11.13) and 17.05.x (up until 17.05.05) contains a Cross Site Request Forgery (CSRF) vulnerability in /cgi-bin/koha/members/paycollect.pl Parameters affected: borrowernumber, amount, amountoutstanding, paid that can result in Attackers can mark payments as paid for certain users on behalf of Administrators. | 8.8 |
| 2018-09-06 | CVE-2017-14026 | Improper Authentication vulnerability in Iceqube Thermal Management Center Firmware 3.18 In Ice Qube Thermal Management Center versions prior to version 4.13, the web application does not properly authenticate users which may allow an attacker to gain access to sensitive information. | 7.5 |