Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-07 | CVE-2018-12042 | Path Traversal vulnerability in Roxyfileman Roxy Fileman Roxy Fileman through v1.4.5 has Directory traversal via the php/download.php f parameter. | 7.5 |
| 2018-06-07 | CVE-2018-10619 | Unquoted Search Path or Element vulnerability in Rockwellautomation Factorytalk Linx Gateway and Rslinx Classic An unquoted search path or element in RSLinx Classic Versions 3.90.01 and prior and FactoryTalk Linx Gateway Versions 3.90.00 and prior may allow an authorized, but non-privileged local user to execute arbitrary code and allow a threat actor to escalate user privileges on the affected workstation. | 7.8 |
| 2018-06-07 | CVE-2017-6294 | Out-of-bounds Write vulnerability in Google Android In Android before the 2018-06-05 security patch level, NVIDIA Tegra X1 TZ contains a possible out of bounds write due to missing bounds check which could lead to escalation of privilege from the kernel to the TZ. | 7.8 |
| 2018-06-07 | CVE-2017-6292 | Out-of-bounds Write vulnerability in Google Android In Android before the 2018-06-05 security patch level, NVIDIA TLZ TrustZone contains a possible out of bounds write due to integer overflow which could lead to local escalation of privilege in the TrustZone with no additional execution privileges needed. | 7.8 |
| 2018-06-07 | CVE-2017-6290 | Integer Overflow or Wraparound vulnerability in Google Android In Android before the 2018-06-05 security patch level, NVIDIA TLK TrustZone contains a possible out of bounds write due to an integer overflow which could lead to local escalation of privilege with no additional execution privileges needed. | 7.8 |
| 2018-06-07 | CVE-2018-12036 | Write-what-where Condition vulnerability in Owasp Dependency-Check OWASP Dependency-Check before 3.2.0 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal filenames. | 7.8 |
| 2018-06-07 | CVE-2018-1547 | Unspecified vulnerability in IBM Robotic Process Automation With Automation Anywhere 10.0 IBM Robotic Process Automation with Automation Anywhere 10.0 could allow a remote attacker to execute arbitrary code on the system, caused by improper output encoding in an CSV export. | 7.7 |
| 2018-06-07 | CVE-2018-1514 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Robotic Process Automation With Automation Anywhere 10.0 IBM Robotic Process Automation with Automation Anywhere 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2018-06-07 | CVE-2018-12016 | Unspecified vulnerability in Gnome Epiphany libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via certain window.open and document.write calls. | 7.5 |
| 2018-06-07 | CVE-2018-12015 | Link Following vulnerability in multiple products In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. | 7.5 |