Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-03-08 CVE-2017-7641 Cross-Site Request Forgery (CSRF) vulnerability in Qnap Media Streaming Add-On
QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier does not utilize CSRF protections.
network
low complexity
qnap CWE-352
8.8
2018-03-08 CVE-2017-18222 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
In the Linux kernel before 4.12, Hisilicon Network Subsystem (HNS) does not consider the ETH_SS_PRIV_FLAGS case when retrieving sset_count data, which allows local users to cause a denial of service (buffer overflow and memory corruption) or possibly have unspecified other impact, as demonstrated by incompatibility between hns_get_sset_count and ethtool_get_strings.
local
low complexity
linux CWE-119
7.8
2018-03-08 CVE-2018-0213 Improper Input Validation vulnerability in Cisco Identity Services Engine 2.1(0.904)
A vulnerability in the credential reset functionality for Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to gain elevated privileges.
network
low complexity
cisco CWE-20
8.8
2018-03-08 CVE-2018-0210 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Data Center Network Manager 10.4(1.128)/10.4(2)
A vulnerability in the web-based management interface of Cisco Data Center Network Manager could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device.
network
low complexity
cisco CWE-352
8.8
2018-03-08 CVE-2018-0209 Unspecified vulnerability in Cisco Small Business 500 Series Stackable Managed Switches Firmware 2.2.5.68/2.3.0.130
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem communication channel through the Cisco 550X Series Stackable Managed Switches could allow an authenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition.
network
low complexity
cisco
7.7
2018-03-08 CVE-2018-0141 Use of Hard-coded Credentials vulnerability in Cisco products
A vulnerability in Cisco Prime Collaboration Provisioning (PCP) Software 11.6 could allow an unauthenticated, local attacker to log in to the underlying Linux operating system.
local
low complexity
cisco CWE-798
8.4
2018-03-07 CVE-2018-7752 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
GPAC through 0.7.1 has a Buffer Overflow in the gf_media_avc_read_sps function in media_tools/av_parsers.c, a different vulnerability than CVE-2018-1000100.
local
low complexity
gpac debian canonical CWE-119
7.8
2018-03-07 CVE-2017-12174
It was found that when Artemis and HornetQ before 2.4.0 are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message.
network
low complexity
apache redhat
7.5
2018-03-07 CVE-2018-7565 Cross-Site Request Forgery (CSRF) vulnerability in Polycom QDX 6000 Firmware
CSRF exists on Polycom QDX 6000 devices.
network
low complexity
polycom CWE-352
8.8
2018-03-07 CVE-2018-7204 Information Exposure Through Log Files vulnerability in Giribaz File Manager
inc/logger.php in the Giribaz File Manager plugin before 5.0.2 for WordPress logged activity related to the plugin in /wp-content/uploads/file-manager/log.txt.
network
low complexity
giribaz CWE-532
7.5