Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-06-07 CVE-2017-16065 Information Exposure vulnerability in Openssl.Js Project Openssl.Js
openssl.js was a malicious module published with the intent to hijack environment variables.
network
low complexity
openssl-js-project CWE-200
7.5
7.5
2018-06-07 CVE-2017-16064 Information Exposure vulnerability in Node-Openssl Project Node-Openssl
node-openssl was a malicious module published with the intent to hijack environment variables.
network
low complexity
node-openssl-project CWE-200
7.5
7.5
2018-06-07 CVE-2017-16063 Information Exposure vulnerability in Node-Opensl Project Node-Opensl
node-opensl was a malicious module published with the intent to hijack environment variables.
network
low complexity
node-opensl-project CWE-200
7.5
7.5
2018-06-07 CVE-2017-16060 Information Exposure vulnerability in Babelcli Project Babelcli
babelcli was a malicious module published with the intent to hijack environment variables.
network
low complexity
babelcli-project CWE-200
7.5
7.5
2018-06-07 CVE-2017-16059 Information Exposure vulnerability in Mssql-Node Project Mssql-Node
mssql-node was a malicious module published with the intent to hijack environment variables.
network
low complexity
mssql-node-project CWE-200
7.5
7.5
2018-06-07 CVE-2017-16058 Information Exposure vulnerability in Gruntcli Project Gruntcli
gruntcli was a malicious module published with the intent to hijack environment variables.
network
low complexity
gruntcli-project CWE-200
7.5
7.5
2018-06-07 CVE-2017-16057 Information Exposure vulnerability in Nodemssql Project Nodemssql
nodemssql was a malicious module published with the intent to hijack environment variables.
network
low complexity
nodemssql-project CWE-200
7.5
7.5
2018-06-07 CVE-2017-16056 Information Exposure vulnerability in Mssql.Js Project Mssql.Js
mssql.js was a malicious module published with the intent to hijack environment variables.
network
low complexity
mssql-js-project CWE-200
7.5
7.5
2018-06-06 CVE-2018-5850 Integer Underflow (Wrap or Wraparound) vulnerability in Google Android
In the function csr_update_fils_params_rso(), insufficient validation on a key length can result in an integer underflow leading to a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
local
low complexity
google CWE-191
7.8
7.8
2018-06-06 CVE-2018-5846 Use After Free vulnerability in Google Android
A Use After Free condition can occur in the IPA driver whenever the IPA IOCTLs IPA_IOC_NOTIFY_WAN_UPSTREAM_ROUTE_ADD/IPA_IOC_NOTIFY_WAN_UPSTREAM_ROUTE_DEL/IPA_IOC_NOTIFY_WAN_EMBMS_CONNECTED are called in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
local
low complexity
google CWE-416
7.8
7.8