Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-02 | CVE-2018-13066 | Missing Release of Resource after Effective Lifetime vulnerability in Libming 0.4.8 There is a memory leak in util/parser.c in libming 0.4.8, which will lead to a denial of service via parseSWF_DEFINEBUTTON2, parseSWF_DEFINEFONT, parseSWF_DEFINEFONTINFO, parseSWF_DEFINELOSSLESS, parseSWF_DEFINESPRITE, parseSWF_DEFINETEXT, parseSWF_DOACTION, parseSWF_FILLSTYLEARRAY, parseSWF_FRAMELABEL, parseSWF_LINESTYLEARRAY, parseSWF_PLACEOBJECT2, or parseSWF_SHAPEWITHSTYLE. | 7.5 |
| 2018-07-02 | CVE-2018-1244 | Command Injection vulnerability in Dell Idrac7 Firmware, Idrac8 Firmware and Idrac9 Firmware Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versions prior to 3.21.21.21 contain a command injection vulnerability in the SNMP agent. | 8.8 |
| 2018-07-02 | CVE-2018-1243 | Improperly Implemented Security Check for Standard vulnerability in Dell products Dell EMC iDRAC6, versions prior to 2.91, iDRAC7/iDRAC8, versions prior to 2.60.60.60 and iDRAC9, versions prior to 3.21.21.21, contain a weak CGI session ID vulnerability. | 7.5 |
| 2018-07-02 | CVE-2018-1212 | Command Injection vulnerability in Dell Idrac6 Modular and Idrac6 Monolithic The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and Modular all versions) contains a command injection vulnerability. | 8.8 |
| 2018-07-02 | CVE-2018-10843 | Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openshift Container Platform source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vulnerable to a privilege escalation which allows the assemble script to run as the root user in a non-privileged container. | 8.8 |
| 2018-07-02 | CVE-2018-9276 | OS Command Injection vulnerability in Paessler Prtg Network Monitor An issue was discovered in PRTG Network Monitor before 18.2.39. | 7.2 |
| 2018-07-02 | CVE-2018-12577 | OS Command Injection vulnerability in Tp-Link Tl-Wr841N Firmware 0.9.14.16 The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection. | 8.8 |
| 2018-07-02 | CVE-2018-12574 | Cross-Site Request Forgery (CSRF) vulnerability in Tp-Link Tl-Wr841N Firmware 0.9.14.16 CSRF exists for all actions in the web interface on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices. | 8.8 |
| 2018-07-02 | CVE-2018-12529 | Cross-Site Request Forgery (CSRF) vulnerability in Intex N150 Firmware An issue was discovered on Intex N150 devices. | 8.8 |
| 2018-07-02 | CVE-2018-12528 | Unrestricted Upload of File with Dangerous Type vulnerability in Intex N150 Firmware An issue was discovered on Intex N150 devices. | 8.1 |