Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-07 | CVE-2018-7565 | Cross-Site Request Forgery (CSRF) vulnerability in Polycom QDX 6000 Firmware CSRF exists on Polycom QDX 6000 devices. | 8.8 |
| 2018-03-07 | CVE-2018-7204 | Information Exposure Through Log Files vulnerability in Giribaz File Manager inc/logger.php in the Giribaz File Manager plugin before 5.0.2 for WordPress logged activity related to the plugin in /wp-content/uploads/file-manager/log.txt. | 7.5 |
| 2018-03-07 | CVE-2018-5452 | Out-of-bounds Write vulnerability in Emerson Controlwave Micro Firmware 05.78.00 A Stack-based Buffer Overflow issue was discovered in Emerson Process Management ControlWave Micro Process Automation Controller: ControlWave Micro [ProConOS v.4.01.280] firmware: CWM v.05.78.00 and prior. | 7.5 |
| 2018-03-07 | CVE-2018-7746 | Cross-site Scripting vulnerability in Cobub Razor 0.7.2 An issue was discovered in Western Bridge Cobub Razor 0.7.2. | 8.8 |
| 2018-03-07 | CVE-2018-7745 | Improper Authentication vulnerability in Cobub Razor 0.7.2 An issue was discovered in Western Bridge Cobub Razor 0.7.2. | 7.5 |
| 2018-03-07 | CVE-2018-1000118 | OS Command Injection vulnerability in Electronjs Electron Github Electron version Electron 1.8.2-beta.4 and earlier contains a Command Injection vulnerability in Protocol Handler that can result in command execute. | 8.8 |
| 2018-03-07 | CVE-2018-1054 | Out-of-bounds Read vulnerability in multiple products An out-of-bounds memory read flaw was found in the way 389-ds-base handled certain LDAP search filters, affecting all versions including 1.4.x. | 7.5 |
| 2018-03-07 | CVE-2018-7720 | Cross-Site Request Forgery (CSRF) vulnerability in Cobub Razor 0.7.2 A cross-site request forgery (CSRF) vulnerability exists in Western Bridge Cobub Razor 0.7.2 via /index.php?/user/createNewUser/, resulting in account creation. | 8.8 |
| 2018-03-07 | CVE-2018-7738 | Unspecified vulnerability in Kernel Util-Linux In util-linux before 2.32-rc1, bash-completion/umount allows local users to gain privileges by embedding shell commands in a mountpoint name, which is mishandled during a umount command (within Bash) by a different user, as demonstrated by logging in as root and entering umount followed by a tab character for autocompletion. | 7.8 |
| 2018-03-07 | CVE-2017-11649 | Cross-Site Request Forgery (CSRF) vulnerability in Draytek Vigorap 910C Firmware 1.2.0 Cross-site request forgery (CSRF) vulnerability in DrayTek Vigor AP910C devices with firmware 1.2.0_RC3 build r6594 allows remote attackers to hijack the authentication of unspecified users for requests that enable SNMP on the remote device via vectors involving goform/setSnmp. | 8.8 |