Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-07 | CVE-2018-1547 | Unspecified vulnerability in IBM Robotic Process Automation With Automation Anywhere 10.0 IBM Robotic Process Automation with Automation Anywhere 10.0 could allow a remote attacker to execute arbitrary code on the system, caused by improper output encoding in an CSV export. | 7.7 |
| 2018-06-07 | CVE-2018-1514 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Robotic Process Automation With Automation Anywhere 10.0 IBM Robotic Process Automation with Automation Anywhere 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2018-06-07 | CVE-2018-12016 | Unspecified vulnerability in Gnome Epiphany libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via certain window.open and document.write calls. | 7.5 |
| 2018-06-07 | CVE-2018-12015 | Link Following vulnerability in multiple products In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. | 7.5 |
| 2018-06-07 | CVE-2018-0353 | Unspecified vulnerability in Cisco web Security Appliance A vulnerability in traffic-monitoring functions in Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to circumvent Layer 4 Traffic Monitor (L4TM) functionality and bypass security protections. | 7.5 |
| 2018-06-07 | CVE-2018-0322 | Missing Authorization vulnerability in Cisco products A vulnerability in the web management interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to modify sensitive data that is associated with arbitrary accounts on an affected device. | 8.8 |
| 2018-06-07 | CVE-2018-0317 | Missing Authorization vulnerability in Cisco products A vulnerability in the web interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to escalate their privileges. | 8.8 |
| 2018-06-07 | CVE-2018-0316 | Improper Handling of Exceptional Conditions vulnerability in Cisco IP Phone Firmware 11.1(2) A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 6800, 7800, and 8800 Series Phones with Multiplatform Firmware could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. | 7.5 |
| 2018-06-07 | CVE-2018-0296 | Path Traversal vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. | 7.5 |
| 2018-06-07 | CVE-2018-0274 | OS Command Injection vulnerability in Cisco Network Services Orchestrator A vulnerability in the CLI parser of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. | 8.8 |