Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-06-20 CVE-2018-0307 OS Command Injection vulnerability in Cisco Nx-Os
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device.
local
low complexity
cisco CWE-78
7.8
7.8
2018-06-20 CVE-2018-0295 Improper Input Validation vulnerability in Cisco Nx-Os
A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading.
network
low complexity
cisco CWE-20
7.5
7.5
2018-06-20 CVE-2018-0293 OS Command Injection vulnerability in Cisco Nx-Os
A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user.
network
low complexity
cisco CWE-78
8.8
8.8
2018-06-20 CVE-2018-0292 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os
A vulnerability in the Internet Group Management Protocol (IGMP) Snooping feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code and gain full control of an affected system.
low complexity
cisco CWE-119
8.8
8.8
2018-06-20 CVE-2018-12604 Information Exposure Through Log Files vulnerability in Njtech Greencms 2.3.0603
GreenCMS 2.3.0603 allows remote attackers to obtain sensitive information via a direct request for Data/Log/year_month_day.log.
network
low complexity
njtech CWE-532
7.5
7.5
2018-06-20 CVE-2018-5428 Command Injection vulnerability in Tibco Data Virtualization 7.0.5/7.0.6
The version control adapters component of TIBCO Data Virtualization (formerly known as Cisco Information Server) contains vulnerabilities that may allow for arbitrary command execution.
network
low complexity
tibco CWE-77
8.8
8.8
2018-06-20 CVE-2018-12600 Out-of-bounds Write vulnerability in multiple products
In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file.
network
low complexity
debian canonical imagemagick CWE-787
8.8
8.8
2018-06-20 CVE-2018-12599 Out-of-bounds Write vulnerability in multiple products
In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.
network
low complexity
debian canonical imagemagick CWE-787
8.8
8.8
2018-06-20 CVE-2018-10841 glusterfs is vulnerable to privilege escalation on gluster server nodes.
network
low complexity
gluster debian
8.8
8.8
2018-06-20 CVE-2018-6211 OS Command Injection vulnerability in D-Link Dir-620 Firmware
On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, OS command injection is possible as a result of incorrect processing of the res_buf parameter to index.cgi.
network
low complexity
d-link CWE-78
7.2
7.2