Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-02 | CVE-2018-6248 | Out-of-bounds Read vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape where the software uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer which may lead to denial of service or possible escalation of privileges. | 8.8 |
| 2018-04-02 | CVE-2018-6247 | NULL Pointer Dereference vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a NULL pointer dereference may lead to denial of service or possible escalation of privileges. | 8.8 |
| 2018-04-02 | CVE-2018-0194 | OS Command Injection vulnerability in Cisco IOS XE Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. | 7.8 |
| 2018-04-02 | CVE-2018-6661 | Untrusted Search Path vulnerability in Mcafee True KEY 3.1.9211.0/4.0.0.0/4.20 DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee True Key before 4.20.110 allows local users to gain privilege elevation via not verifying a particular DLL file signature. | 7.8 |
| 2018-04-02 | CVE-2018-1038 | Unspecified vulnerability in Microsoft Windows 7 and Windows Server 2008 The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2 SP1 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." | 7.8 |
| 2018-04-01 | CVE-2018-9158 | Improper Input Validation vulnerability in Axis M1033-W Firmware 5.40.5.1 An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. | 7.5 |
| 2018-04-01 | CVE-2018-9157 | Unrestricted Upload of File with Dangerous Type vulnerability in Axis M1033-W Firmware 5.40.5.1 An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. | 7.5 |
| 2018-04-01 | CVE-2018-9156 | Unrestricted Upload of File with Dangerous Type vulnerability in Axis P1354 Firmware 5.90.1.1 An issue was discovered on AXIS P1354 (IP camera) Firmware version 5.90.1.1 devices. | 7.5 |
| 2018-04-01 | CVE-2018-9128 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dvd-X-Player DVD X Player 5.5.3.9 DVD X Player Standard 5.5.3.9 has a Buffer Overflow via a crafted .plf file, a related issue to CVE-2007-3068. | 7.8 |
| 2018-03-31 | CVE-2018-8908 | Cross-Site Request Forgery (CSRF) vulnerability in Frog CMS Project Frog CMS 0.9.5 An issue was discovered in /admin/?/user/add in Frog CMS 0.9.5. | 8.8 |