Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-13 | CVE-2018-1000070 | Code Injection vulnerability in Bitmessage Pybitmessage 0.6.2 Bitmessage PyBitmessage version v0.6.2 (and introduced in or after commit 8ce72d8d2d25973b7064b1cf76a6b0b3d62f0ba0) contains a Eval injection vulnerability in main program, file src/messagetypes/__init__.py function constructObject that can result in Code Execution. | 8.8 |
| 2018-03-13 | CVE-2018-1000104 | Insufficiently Protected Credentials vulnerability in Jenkins Coverity A plaintext storage of a password vulnerability exists in Jenkins Coverity Plugin 1.10.0 and earlier in CIMInstance.java that allows an attacker with local file system access or control of a Jenkins administrator's web browser (e.g. | 7.8 |
| 2018-03-13 | CVE-2018-1000099 | Access of Uninitialized Pointer vulnerability in multiple products Teluu PJSIP version 2.7.1 and earlier contains a Access of Null/Uninitialized Pointer vulnerability in pjmedia SDP parsing that can result in Crash. | 7.5 |
| 2018-03-13 | CVE-2018-1000098 | Integer Overflow or Wraparound vulnerability in multiple products Teluu PJSIP version 2.7.1 and earlier contains a Integer Overflow vulnerability in pjmedia SDP parsing that can result in Crash. | 7.5 |
| 2018-03-13 | CVE-2018-1000097 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Sharutils sharutils (unshar command) version 4.15.2 contains a Buffer Overflow vulnerability in Affected component on the file unshar.c at line 75, function looks_like_c_code. | 7.8 |
| 2018-03-13 | CVE-2018-1000096 | Improper Certificate Validation vulnerability in Tiny-Json-Http Project Tiny-Json-Http brianleroux tiny-json-http version all versions since commit 9b8e74a232bba4701844e07bcba794173b0238a8 (Oct 29 2016) contains a Missing SSL certificate validation vulnerability in The libraries core functionality is affected. | 8.1 |
| 2018-03-13 | CVE-2018-1000094 | Unrestricted Upload of File with Dangerous Type vulnerability in Cmsmadesimple CMS Made Simple 2.2.5 CMS Made Simple version 2.2.5 contains a Remote Code Execution vulnerability in File Manager that can result in Allows an authenticated admin that has access to the file manager to execute code on the server. | 7.2 |
| 2018-03-12 | CVE-2018-7562 | Unrestricted Upload of File with Dangerous Type vulnerability in Glpi-Project Glpi A remote code execution issue was discovered in GLPI through 9.2.1. | 7.5 |
| 2018-03-12 | CVE-2018-6623 | Incorrect Permission Assignment for Critical Resource vulnerability in Hola VPN 1.79.859 An issue was discovered in Hola 1.79.859. | 8.8 |
| 2018-03-12 | CVE-2018-6400 | Unspecified vulnerability in Kingsoftstore WPS Office Free 10.2.0.5978 Kingsoft WPS Office Free 10.2.0.5978 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of \\.\pipe\WPSCloudSvr\WpsCloudSvr -- an "insecurely created named pipe." Ensures full access to Everyone users group. | 7.8 |