Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-08-20 | CVE-2017-16744 | Path Traversal vulnerability in Tridium Niagara and Niagara AX Framework A path traversal vulnerability in Tridium Niagara AX Versions 3.8 and prior and Niagara 4 systems Versions 4.4 and prior installed on Microsoft Windows Systems can be exploited by leveraging valid platform (administrator) credentials. | 7.2 |
2018-08-20 | CVE-2016-7048 | Improper Access Control vulnerability in Postgresql The interactive installer in PostgreSQL before 9.3.15, 9.4.x before 9.4.10, and 9.5.x before 9.5.5 might allow remote attackers to execute arbitrary code by leveraging use of HTTP to download software. | 8.1 |
2018-08-20 | CVE-2018-14079 | Information Exposure vulnerability in Wi2Be Smart HP WMT R1.2.20201400922 Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to obtain sensitive information via /Status/SystemStatusRpm.esp. | 7.5 |
2018-08-20 | CVE-2018-14077 | Unspecified vulnerability in Wi2Be Smart HP WMT R1.2.20201400922 Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to backup the device configuration via a direct request to /Maintenance/configfile.cfg. | 7.5 |
2018-08-20 | CVE-2018-1000224 | Missing Initialization of Resource vulnerability in Godotengine Godot Godot Engine version All versions prior to 2.1.5, all 3.0 versions prior to 3.0.6. | 7.5 |
2018-08-20 | CVE-2018-1000223 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Surina Soundtouch soundtouch version up to and including 2.0.0 contains a Buffer Overflow vulnerability in SoundStretch/WavFile.cpp:WavInFile::readHeaderBlock() that can result in arbitrary code execution. | 8.8 |
2018-08-20 | CVE-2018-1000222 | Double Free vulnerability in multiple products Libgd version 2.2.5 contains a Double Free Vulnerability vulnerability in gdImageBmpPtr Function that can result in Remote Code Execution . | 8.8 |
2018-08-20 | CVE-2018-1000216 | Double Free vulnerability in Cjson Project Cjson Dave Gamble cJSON version 1.7.2 and earlier contains a CWE-415: Double Free vulnerability in cJSON library that can result in Possible crash or RCE. | 8.8 |
2018-08-20 | CVE-2018-1000215 | Missing Release of Resource after Effective Lifetime vulnerability in Cjson Project Cjson Dave Gamble cJSON version 1.7.6 and earlier contains a CWE-772 vulnerability in cJSON library that can result in Denial of Service (DoS). | 7.5 |
2018-08-20 | CVE-2018-1000657 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rust-Lang Rust Rust Programming Language Rust standard library version Commit bfa0e1f58acf1c28d500c34ed258f09ae021893e and later; stable release 1.3.0 and later contains a Buffer Overflow vulnerability in std::collections::vec_deque::VecDeque::reserve() function that can result in Arbitrary code execution, but no proof-of-concept exploit is currently published.. | 7.8 |