Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-23 | CVE-2017-14453 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Insteon HUB 2245-222 Firmware 1012 On Insteon Hub 2245-222 devices with firmware version 1012, specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. | 8.8 |
| 2018-08-23 | CVE-2018-3833 | Unspecified vulnerability in Insteon HUB 2245-222 Firmware 1013 An exploitable firmware downgrade vulnerability exists in Insteon Hub running firmware version 1013. | 7.5 |
| 2018-08-23 | CVE-2017-16348 | Improper Authentication vulnerability in Insteon HUB Firmware 1012 An exploitable denial of service vulnerability exists in Insteon Hub running firmware version 1012. | 7.5 |
| 2018-08-23 | CVE-2018-15685 | Insecure Default Initialization of Resource vulnerability in Electronjs Electron GitHub Electron 1.7.15, 1.8.7, 2.0.7, and 3.0.0-beta.6, in certain scenarios involving IFRAME elements and "nativeWindowOpen: true" or "sandbox: true" options, is affected by a WebPreferences vulnerability that can be leveraged to perform remote code execution. | 8.1 |
| 2018-08-22 | CVE-2018-11758 | XXE vulnerability in Apache Cayenne This affects Apache Cayenne 4.1.M1, 3.2.M1, 4.0.M2 to 4.0.M5, 4.0.B1, 4.0.B2, 4.0.RC1, 3.1, 3.1.1, 3.1.2. | 8.1 |
| 2018-08-22 | CVE-2018-14787 | Improper Privilege Management vulnerability in Philips Intellispace Cardiovascular and Xcelera In Philips' IntelliSpace Cardiovascular (ISCV) products (ISCV Version 2.x or prior and Xcelera Version 4.1 or prior), an attacker with escalated privileges could access folders which contain executables where authenticated users have write permissions, and could then execute arbitrary code with local administrative permissions. | 7.8 |
| 2018-08-22 | CVE-2018-5238 | Uncontrolled Search Path Element vulnerability in Symantec Norton Power Eraser and Symdiag Norton Power Eraser (prior to 5.3.0.24) and SymDiag (prior to 2.1.242) may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. | 7.8 |
| 2018-08-22 | CVE-2018-10858 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. | 8.8 |
| 2018-08-22 | CVE-2017-2627 | Path Traversal vulnerability in multiple products A flaw was found in openstack-tripleo-common as shipped with Red Hat Openstack Enterprise 10 and 11. | 8.2 |
| 2018-08-22 | CVE-2018-1139 | Insufficiently Protected Credentials vulnerability in multiple products A flaw was found in the way samba before 4.7.9 and 4.8.4 allowed the use of weak NTLMv1 authentication even when NTLMv1 was explicitly disabled. | 8.1 |