Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-06-26 CVE-2018-3840 NULL Pointer Dereference vulnerability in Pixar Renderman 21.6
A denial-of-service vulnerability exists in the Pixar Renderman IT Display Service 21.6 (0x67).
network
low complexity
pixar CWE-476
7.5
2018-06-26 CVE-2018-1614 Information Exposure vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using malformed SAML responses from the SAML identity provider could allow a remote attacker to obtain sensitive information.
network
low complexity
ibm CWE-200
7.5
2018-06-26 CVE-2018-12895 Path Traversal vulnerability in multiple products
WordPress through 4.9.6 allows Author users to execute arbitrary code by leveraging directory traversal in the wp-admin/post.php thumb parameter, which is passed to the PHP unlink function and can delete the wp-config.php file.
network
low complexity
wordpress debian CWE-22
8.8
2018-06-26 CVE-2018-3760 Information Exposure vulnerability in multiple products
There is an information leak vulnerability in Sprockets.
network
low complexity
redhat sprockets-project debian CWE-200
7.5
2018-06-26 CVE-2018-12712 Improper Input Validation vulnerability in Joomla Joomla!
An issue was discovered in Joomla! 2.5.0 through 3.8.8 before 3.8.9.
network
low complexity
joomla CWE-20
8.8
2018-06-26 CVE-2018-4860 OS Command Injection vulnerability in Siemens Scalance M875 Firmware
A vulnerability has been identified in SCALANCE M875 (All versions).
network
low complexity
siemens CWE-78
7.2
2018-06-26 CVE-2018-4859 OS Command Injection vulnerability in Siemens Scalance M875 Firmware
A vulnerability has been identified in SCALANCE M875 (All versions).
network
low complexity
siemens CWE-78
7.2
2018-06-26 CVE-2018-4845 Improper Privilege Management vulnerability in Siemens products
A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPoint 400 systems / RAPIDPoint 500 systems (All versions_without_ use of Siemens Healthineers Informatics products), RAPIDLab 1200 Series (All versions < V3.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions >= V3.0 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (V2.4.X_with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions =< V2.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 400 systems (All versions _with_ Siemens Healthineers Informatics products).
network
low complexity
siemens CWE-269
8.8
2018-06-26 CVE-2018-11449 Unspecified vulnerability in Siemens Scalance M875 Firmware
A vulnerability has been identified in SCALANCE M875 (All versions).
local
low complexity
siemens
7.8
2018-06-26 CVE-2018-11447 Cross-Site Request Forgery (CSRF) vulnerability in Siemens Scalance M875 Firmware
A vulnerability has been identified in SCALANCE M875 (All versions).
network
low complexity
siemens CWE-352
8.8