Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-07-02 CVE-2018-13066 Missing Release of Resource after Effective Lifetime vulnerability in Libming 0.4.8
There is a memory leak in util/parser.c in libming 0.4.8, which will lead to a denial of service via parseSWF_DEFINEBUTTON2, parseSWF_DEFINEFONT, parseSWF_DEFINEFONTINFO, parseSWF_DEFINELOSSLESS, parseSWF_DEFINESPRITE, parseSWF_DEFINETEXT, parseSWF_DOACTION, parseSWF_FILLSTYLEARRAY, parseSWF_FRAMELABEL, parseSWF_LINESTYLEARRAY, parseSWF_PLACEOBJECT2, or parseSWF_SHAPEWITHSTYLE.
network
low complexity
libming CWE-772
7.5
2018-07-02 CVE-2018-1244 Command Injection vulnerability in Dell Idrac7 Firmware, Idrac8 Firmware and Idrac9 Firmware
Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versions prior to 3.21.21.21 contain a command injection vulnerability in the SNMP agent.
network
low complexity
dell CWE-77
8.8
2018-07-02 CVE-2018-1243 Improperly Implemented Security Check for Standard vulnerability in Dell products
Dell EMC iDRAC6, versions prior to 2.91, iDRAC7/iDRAC8, versions prior to 2.60.60.60 and iDRAC9, versions prior to 3.21.21.21, contain a weak CGI session ID vulnerability.
network
low complexity
dell CWE-358
7.5
2018-07-02 CVE-2018-1212 Command Injection vulnerability in Dell Idrac6 Modular and Idrac6 Monolithic
The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and Modular all versions) contains a command injection vulnerability.
network
low complexity
dell CWE-77
8.8
2018-07-02 CVE-2018-10843 Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openshift Container Platform
source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vulnerable to a privilege escalation which allows the assemble script to run as the root user in a non-privileged container.
network
low complexity
redhat CWE-732
8.8
2018-07-02 CVE-2018-9276 OS Command Injection vulnerability in Paessler Prtg Network Monitor
An issue was discovered in PRTG Network Monitor before 18.2.39.
network
low complexity
paessler CWE-78
7.2
2018-07-02 CVE-2018-12577 OS Command Injection vulnerability in Tp-Link Tl-Wr841N Firmware 0.9.14.16
The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection.
network
low complexity
tp-link CWE-78
8.8
2018-07-02 CVE-2018-12574 Cross-Site Request Forgery (CSRF) vulnerability in Tp-Link Tl-Wr841N Firmware 0.9.14.16
CSRF exists for all actions in the web interface on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices.
network
low complexity
tp-link CWE-352
8.8
2018-07-02 CVE-2018-12529 Cross-Site Request Forgery (CSRF) vulnerability in Intex N150 Firmware
An issue was discovered on Intex N150 devices.
network
low complexity
intex CWE-352
8.8
2018-07-02 CVE-2018-12528 Unrestricted Upload of File with Dangerous Type vulnerability in Intex N150 Firmware
An issue was discovered on Intex N150 devices.
network
low complexity
intex CWE-434
8.1