Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-02-27 CVE-2018-7467 Path Traversal vulnerability in Axxonsoft Next
AxxonSoft Axxon Next has Directory Traversal via an initial /css//..%2f substring in a URI.
network
low complexity
axxonsoft CWE-22
7.5
7.5
2018-02-27 CVE-2017-7671 Improper Input Validation vulnerability in multiple products
There is a DOS attack vulnerability in Apache Traffic Server (ATS) 5.2.0 to 5.3.2, 6.0.0 to 6.2.0, and 7.0.0 with the TLS handshake.
network
low complexity
apache debian CWE-20
7.5
7.5
2018-02-27 CVE-2017-5660 Improper Input Validation vulnerability in multiple products
There is a vulnerability in Apache Traffic Server (ATS) 6.2.0 and prior and 7.0.0 and prior with the Host header and line folding.
network
low complexity
apache debian CWE-20
8.6
8.6
2018-02-27 CVE-2018-7541 An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1.
local
low complexity
xen debian
8.8
8.8
2018-02-27 CVE-2018-6535 Unspecified vulnerability in Icinga
An issue was discovered in Icinga 2.x through 2.8.1.
network
high complexity
icinga
8.1
8.1
2018-02-27 CVE-2018-6533 Unspecified vulnerability in Icinga
An issue was discovered in Icinga 2.x through 2.8.1.
local
low complexity
icinga
7.8
7.8
2018-02-27 CVE-2018-6532 Resource Exhaustion vulnerability in Icinga
An issue was discovered in Icinga 2.x through 2.8.1.
network
low complexity
icinga CWE-400
7.5
7.5
2018-02-27 CVE-2017-15693 Deserialization of Untrusted Data vulnerability in Apache Geode
In Apache Geode before v1.4.0, the Geode server stores application objects in serialized form.
network
high complexity
apache CWE-502
7.5
7.5
2018-02-27 CVE-2017-18202 Use After Free vulnerability in Linux Kernel
The __oom_reap_task_mm function in mm/oom_kill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service (TLB entry leak or use-after-free) or possibly have unspecified other impact by triggering a copy_to_user call within a certain time window.
local
high complexity
linux CWE-416
7.0
7.0
2018-02-27 CVE-2018-4916 Out-of-bounds Write vulnerability in Adobe products
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.
network
low complexity
adobe CWE-787
8.8
8.8