Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-06 | CVE-2018-7735 | SQL Injection vulnerability in Afian Filerun Afian FileRun (before 2018.02.13) suffers from a remote SQL injection vulnerability, when logged in as superuser, via the search parameter in a /?module=metadata§ion=cpanel&page=list_filetypes request. | 7.2 |
| 2018-03-06 | CVE-2018-7734 | SQL Injection vulnerability in Afian Filerun Afian FileRun (before 2018.02.13) suffers from a remote SQL injection vulnerability, when logged in as superuser, via the search parameter in a /?module=users§ion=cpanel&page=list request. | 7.2 |
| 2018-03-06 | CVE-2018-7733 | Cross-Site Request Forgery (CSRF) vulnerability in Yxtcmf 3.1 An issue was discovered in YxtCMF 3.1. | 8.8 |
| 2018-03-06 | CVE-2018-1000100 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GPAC MP4Box version 0.7.1 and earlier contains a Buffer Overflow vulnerability in src/isomedia/avc_ext.c lines 2417 to 2420 that can result in Heap chunks being modified, this could lead to RCE. | 7.8 |
| 2018-03-06 | CVE-2017-6296 | Race Condition vulnerability in multiple products NVIDIA TrustZone Software contains a TOCTOU issue in the DRM application which may lead to the denial of service or possible escalation of privileges. | 7.0 |
| 2018-03-06 | CVE-2017-6295 | Out-of-bounds Read vulnerability in multiple products NVIDIA TrustZone Software contains a vulnerability in the Keymaster implementation where the software reads data past the end, or before the beginning, of the intended buffer; and may lead to denial of service or information disclosure. | 8.4 |
| 2018-03-06 | CVE-2017-6282 | Write-what-where Condition vulnerability in multiple products NVIDIA Tegra kernel driver contains a vulnerability in NVMAP where an attacker has the ability to write an arbitrary value to an arbitrary location which may lead to an escalation of privileges. | 7.8 |
| 2018-03-06 | CVE-2017-6280 | Out-of-bounds Read vulnerability in Google Android NVIDIA driver contains a possible out-of-bounds read vulnerability due to a leak which may lead to information disclosure. | 7.5 |
| 2018-03-06 | CVE-2018-7307 | Cross-Site Request Forgery (CSRF) vulnerability in Auth0 Auth0.Js The Auth0 Auth0.js library before 9.3 has CSRF because it mishandles the case where the authorization response lacks the state parameter. | 8.8 |
| 2018-03-05 | CVE-2018-7714 | Reachable Assertion vulnerability in Opencv 3.4.1 The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (pixels <= (1<<30)) may be false. | 7.5 |