Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-04-04 CVE-2018-9261 Excessive Iteration vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the NBAP dissector could crash with a large loop that ends with a heap-based buffer overflow.
network
low complexity
wireshark debian CWE-834
7.5
7.5
2018-04-04 CVE-2018-9260 Improper Input Validation vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the IEEE 802.15.4 dissector could crash.
network
low complexity
wireshark debian CWE-20
7.5
7.5
2018-04-04 CVE-2018-9259 Improper Input Validation vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the MP4 dissector could crash.
network
low complexity
wireshark debian CWE-20
7.5
7.5
2018-04-04 CVE-2018-9258 Improper Input Validation vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash.
network
low complexity
wireshark debian CWE-20
7.5
7.5
2018-04-04 CVE-2018-9257 Infinite Loop vulnerability in Wireshark
In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an infinite loop.
network
low complexity
wireshark CWE-835
7.5
7.5
2018-04-04 CVE-2018-9256 Improper Input Validation vulnerability in multiple products
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the LWAPP dissector could crash.
network
low complexity
wireshark debian CWE-20
7.5
7.5
2018-04-04 CVE-2016-10718 Improper Input Validation vulnerability in Brave Browser
Brave Browser before 0.13.0 allows a tab to close itself even if the tab was not opened by a script, resulting in denial of service.
network
low complexity
brave CWE-20
7.5
7.5
2018-04-04 CVE-2018-9234 Key Management Errors vulnerability in multiple products
GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey.
network
low complexity
gnupg canonical CWE-320
7.5
7.5
2018-04-03 CVE-2018-8941 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in D-Link Dsl-3782 Firmware 1.01
Diagnostics functionality on D-Link DSL-3782 devices with firmware EU v.
network
low complexity
d-link CWE-119
8.8
8.8
2018-04-03 CVE-2018-9240 NULL Pointer Dereference vulnerability in multiple products
ncmpc through 0.29 is prone to a NULL pointer dereference flaw.
network
low complexity
ncmpc-project debian canonical CWE-476
7.5
7.5