Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-06-07 CVE-2018-0274 OS Command Injection vulnerability in Cisco Network Services Orchestrator
A vulnerability in the CLI parser of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user.
network
low complexity
cisco CWE-78
8.8
2018-06-07 CVE-2018-0263 Insecure Default Initialization of Resource vulnerability in Cisco Meeting Server
A vulnerability in Cisco Meeting Server (CMS) could allow an unauthenticated, adjacent attacker to access services running on internal device interfaces of an affected system.
low complexity
cisco CWE-1188
7.4
2018-06-07 CVE-2017-6779 Resource Exhaustion vulnerability in Cisco products
Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-400
7.5
2018-06-07 CVE-2018-3737 Incorrect Regular Expression vulnerability in Joyent Sshpk
sshpk is vulnerable to ReDoS when parsing crafted invalid public keys.
network
low complexity
joyent CWE-185
7.5
2018-06-07 CVE-2018-3732 Path Traversal vulnerability in Resolve-Path Project Resolve-Path
resolve-path node module before 1.4.0 suffers from a Path Traversal vulnerability due to lack of validation of paths with certain special characters, which allows a malicious user to read content of any file with known path.
network
low complexity
resolve-path-project CWE-22
7.5
2018-06-07 CVE-2018-3731 Path Traversal vulnerability in Public.Js Project Public.Js 0.1.2
public node module suffers from a Path Traversal vulnerability due to lack of validation of filePath, which allows a malicious user to read content of any file with known path.
network
low complexity
public-js-project CWE-22
7.5
2018-06-07 CVE-2018-3730 Path Traversal vulnerability in Mcstatic Project Mcstatic 0.0.20
mcstatic node module suffers from a Path Traversal vulnerability due to lack of validation of filePath, which allows a malicious user to read content of any file with known path.
network
low complexity
mcstatic-project CWE-22
7.5
2018-06-07 CVE-2018-3729 Path Traversal vulnerability in Localhost-Now Project Localhost-Now 1.0.1
localhost-now node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path.
network
low complexity
localhost-now-project CWE-22
7.5
2018-06-07 CVE-2018-3727 Path Traversal vulnerability in 626 Project 626 1.1.1
626 node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path.
network
low complexity
626-project CWE-22
7.5
2018-06-07 CVE-2018-3725 Path Traversal vulnerability in Hekto Project Hekto 0.2.0
hekto node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path.
network
low complexity
hekto-project CWE-22
7.5