Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-06-07 CVE-2018-12016 Unspecified vulnerability in Gnome Epiphany
libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via certain window.open and document.write calls.
network
low complexity
gnome
7.5
2018-06-07 CVE-2018-12015 Link Following vulnerability in multiple products
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
network
low complexity
canonical debian perl archive apple netapp CWE-59
7.5
2018-06-07 CVE-2018-0353 Unspecified vulnerability in Cisco web Security Appliance
A vulnerability in traffic-monitoring functions in Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to circumvent Layer 4 Traffic Monitor (L4TM) functionality and bypass security protections.
network
low complexity
cisco
7.5
2018-06-07 CVE-2018-0322 Missing Authorization vulnerability in Cisco products
A vulnerability in the web management interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to modify sensitive data that is associated with arbitrary accounts on an affected device.
network
low complexity
cisco CWE-862
8.8
2018-06-07 CVE-2018-0317 Missing Authorization vulnerability in Cisco products
A vulnerability in the web interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to escalate their privileges.
network
low complexity
cisco CWE-862
8.8
2018-06-07 CVE-2018-0316 Improper Handling of Exceptional Conditions vulnerability in Cisco IP Phone Firmware 11.1(2)
A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 6800, 7800, and 8800 Series Phones with Multiplatform Firmware could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition.
network
low complexity
cisco CWE-755
7.5
2018-06-07 CVE-2018-0296 Path Traversal vulnerability in Cisco Adaptive Security Appliance Software
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-22
7.5
2018-06-07 CVE-2018-0274 OS Command Injection vulnerability in Cisco Network Services Orchestrator
A vulnerability in the CLI parser of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user.
network
low complexity
cisco CWE-78
8.8
2018-06-07 CVE-2018-0263 Insecure Default Initialization of Resource vulnerability in Cisco Meeting Server
A vulnerability in Cisco Meeting Server (CMS) could allow an unauthenticated, adjacent attacker to access services running on internal device interfaces of an affected system.
low complexity
cisco CWE-1188
7.4
2018-06-07 CVE-2017-6779 Resource Exhaustion vulnerability in Cisco products
Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition.
network
low complexity
cisco CWE-400
7.5