Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-26 | CVE-2018-7487 | Out-of-bounds Write vulnerability in multiple products There is a heap-based buffer overflow in the LoadPCX function of in_pcx.cpp in sam2p 0.49.4. | 7.8 |
| 2018-02-26 | CVE-2018-7486 | Path Traversal vulnerability in Blueriver Muracms Blue River Mura CMS before v7.0.7029 supports inline function calls with an [m] tag and [/m] end tag, without proper restrictions on file types or pathnames, which allows remote attackers to execute arbitrary code via an [m]$.dspinclude("../pathname/executable.jpeg")[/m] approach, where executable.jpeg contains ColdFusion Markup Language code. | 7.2 |
| 2018-02-26 | CVE-2018-1377 | Insufficiently Protected Credentials vulnerability in IBM Security Guardium BIG Data Intelligence 3.1 IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores user credentials in plain in clear text which can be read by a local user. | 7.8 |
| 2018-02-26 | CVE-2018-7484 | Untrusted Search Path vulnerability in Purevpn 5.19.4.0 An issue was discovered in PureVPN through 5.19.4.0 on Windows. | 7.8 |
| 2018-02-26 | CVE-2017-15696 | Information Exposure vulnerability in Apache Geode When an Apache Geode cluster before v1.4.0 is operating in secure mode, the Geode configuration service does not properly authorize configuration requests. | 7.5 |
| 2018-02-25 | CVE-2018-7480 | Double Free vulnerability in multiple products The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure. | 7.8 |
| 2018-02-25 | CVE-2018-7471 | Integer Overflow or Wraparound vulnerability in Bj-Tct Kingview 7.5 KingView 7.5SP1 has an integer overflow during stgopenstorage API read operations. | 7.8 |
| 2018-02-25 | CVE-2018-7466 | Code Injection vulnerability in Testlink install/installNewDB.php in TestLink through 1.9.16 allows remote attackers to conduct injection attacks by leveraging control over DB LOGIN NAMES data during installation to provide a long, crafted value. | 7.5 |
| 2018-02-24 | CVE-2017-18198 | Out-of-bounds Read vulnerability in GNU Libcdio print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted iso file. | 8.8 |
| 2018-02-23 | CVE-2017-17767 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, the IL client may free a buffer OMX Video Encoder Component and then subsequently access the already freed buffer. | 7.8 |