Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-06-19 CVE-2018-12582 Cross-Site Request Forgery (CSRF) vulnerability in Akcms Project Akcms 6.1
An issue was discovered in AKCMS 6.1.
network
low complexity
akcms-project CWE-352
8.8
8.8
2018-06-19 CVE-2018-1061 python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method.
network
low complexity
python debian redhat canonical fedoraproject
7.5
7.5
2018-06-19 CVE-2018-12565 Improper Input Validation vulnerability in multiple products
An issue was discovered in Linaro LAVA before 2018.5.post1.
network
low complexity
linaro debian CWE-20
8.8
8.8
2018-06-19 CVE-2018-12561 Improper Input Validation vulnerability in Cantata Project Cantata
An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1.
network
low complexity
cantata-project CWE-20
8.8
8.8
2018-06-19 CVE-2018-12559 Path Traversal vulnerability in Cantata Project Cantata
An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1.
network
low complexity
cantata-project CWE-22
8.8
8.8
2018-06-18 CVE-2018-9028 Inadequate Encryption Strength vulnerability in Broadcom Privileged Access Manager
Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking.
network
low complexity
broadcom CWE-326
7.5
7.5
2018-06-18 CVE-2018-9026 Session Fixation vulnerability in Broadcom Privileged Access Manager
A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request.
network
low complexity
broadcom CWE-384
7.5
7.5
2018-06-18 CVE-2018-9025 Improper Input Validation vulnerability in Broadcom Privileged Access Manager
An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input.
network
low complexity
broadcom CWE-20
7.5
7.5
2018-06-18 CVE-2018-9023 Improper Input Validation vulnerability in Broadcom Privileged Access Manager
An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script.
network
low complexity
broadcom CWE-20
8.8
8.8
2018-06-18 CVE-2018-1333 Resource Exhaustion vulnerability in multiple products
By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service.
network
low complexity
apache redhat canonical netapp CWE-400
7.5
7.5