Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-06 | CVE-2018-3852 | Improper Input Validation vulnerability in Onssi Ocularis 5.5.0.242 An exploitable denial of service vulnerability exists in the Ocularis Recorder functionality of Ocularis 5.5.0.242. | 7.5 |
| 2018-06-06 | CVE-2018-3580 | Out-of-bounds Write vulnerability in Google Android Stack-based buffer overflow can occur In the WLAN driver if the pmkid_count value is larger than the PMKIDCache size in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 7.8 |
| 2018-06-06 | CVE-2018-3578 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android Type mismatch for ie_len can cause the WLAN driver to allocate less memory on the heap due to implicit casting leading to a heap buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 7.8 |
| 2018-06-06 | CVE-2018-3565 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android While sending a probe request indication in lim_send_sme_probe_req_ind() in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, a buffer overflow can occur. | 7.8 |
| 2018-06-06 | CVE-2017-18154 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A crafted binder request can cause an arbitrary unmap in MediaServer in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 7.8 |
| 2018-06-06 | CVE-2018-1265 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products Cloud Foundry Diego, release versions prior to 2.8.0, does not properly sanitize file paths in tar and zip files headers. | 7.2 |
| 2018-06-06 | CVE-2017-7906 | Cross-Site Request Forgery (CSRF) vulnerability in ABB IP Gateway Firmware 3.39 In ABB IP GATEWAY 3.39 and prior, the web server does not sufficiently verify that a request was performed by the authenticated user, which may allow an attacker to launch a request impersonating that user. | 8.8 |
| 2018-06-06 | CVE-2018-1000203 | Unspecified vulnerability in Soarlabs Soarcoin 4A2Aa71Ee21014E2880A3F7Aad11091Ed6Ad434F Soar Labs Soar Coin version up to and including git commit 4a2aa71ee21014e2880a3f7aad11091ed6ad434f (latest release as of Sept 2017) contains an intentional backdoor vulnerability in the function zero_fee_transaction() that can result in theft of Soar Coins by the "onlycentralAccount" (Soar Labs) after payment is processed. | 7.5 |
| 2018-06-06 | CVE-2018-1456 | XXE vulnerability in IBM products IBM Rhapsody DM 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. | 7.1 |
| 2018-06-06 | CVE-2018-11813 | Excessive Iteration vulnerability in IJG Libjpeg 9C libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF. | 7.5 |