Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-03-09 | CVE-2017-10853 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Corega Cg-Wgr 1200 Firmware 2.20: Buffer overflow in Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to execute arbitrary commands via unspecified vectors. | 8.8 |
2018-03-09 | CVE-2017-10852 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Corega Cg-Wgr 1200 Firmware 2.20: Buffer overflow in Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to execute arbitrary code via unspecified vectors. | 8.8 |
2018-03-09 | CVE-2018-1069 | Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openshift 3.7: Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container network filesystems. | 7.1 |
2018-03-08 | CVE-2018-7889 | Deserialization of Untrusted Data vulnerability in Calibre-Ebook Calibre 3.18.0: gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call. | 7.8 |
2018-03-08 | CVE-2018-5313 | Incorrect Permission Assignment for Critical Resource vulnerability in Rapidscada Rapid Scada 5.5.0: A vulnerability allows local attackers to escalate privilege on Rapid Scada 5.5.0 because of weak C:\SCADA permissions. | 7.8 |
2018-03-08 | CVE-2014-7272 | Permissions, Privileges, and Access Controls vulnerability in multiple products: Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires the user to win a race condition in the ~/.Xauthority chown case, but not other cases). | 7.8 |
2018-03-08 | CVE-2014-7271 | Missing Authentication for Critical Function vulnerability in multiple products: Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to log in as user "sddm" without authentication. | 7.8 |
2018-03-08 | CVE-2018-7871 | Out-of-bounds Read vulnerability in multiple products: There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT16 data. | 8.8 |
2018-03-08 | CVE-2018-7869 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products: There is a memory leak triggered in the function dcinit of util/decompile.c in libming 0.4.8, which will lead to a denial of service attack. | 7.5 |
2018-03-08 | CVE-2018-4840 | Unspecified vulnerability in Siemens products: A vulnerability has been identified in DIGSI 4 (All versions < V4.92), EN100 Ethernet module DNP3 variant (All versions < V1.05.00), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.30), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). | 7.5 |