Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-06-05 CVE-2018-11740 Out-of-bounds Read vulnerability in Sleuthkit the Sleuth KIT
An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1.
network
low complexity
sleuthkit CWE-125
8.1
8.1
2018-06-05 CVE-2018-11739 Out-of-bounds Read vulnerability in Sleuthkit the Sleuth KIT
An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1.
network
low complexity
sleuthkit CWE-125
8.1
8.1
2018-06-05 CVE-2018-11738 Out-of-bounds Read vulnerability in Sleuthkit the Sleuth KIT
An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1.
network
low complexity
sleuthkit CWE-125
8.1
8.1
2018-06-05 CVE-2018-11737 Out-of-bounds Read vulnerability in Sleuthkit the Sleuth KIT
An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1.
network
low complexity
sleuthkit CWE-125
8.1
8.1
2018-06-04 CVE-2016-1000352 Cryptographic Issues vulnerability in Bouncycastle Legion-Of-The-Bouncy-Castle-Java-Crytography-Api
In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode.
network
high complexity
bouncycastle CWE-310
7.4
7.4
2018-06-04 CVE-2016-1000344 Cryptographic Issues vulnerability in Bouncycastle Legion-Of-The-Bouncy-Castle-Java-Crytography-Api
In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES implementation allowed the use of ECB mode.
network
high complexity
bouncycastle CWE-310
7.4
7.4
2018-06-04 CVE-2018-3853 Use After Free vulnerability in Foxitsoftware Foxit Reader 9.0.1.1049
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software Foxit PDF Reader version 9.0.1.1049.
network
low complexity
foxitsoftware CWE-416
8.8
8.8
2018-06-04 CVE-2017-12092 Information Exposure vulnerability in Rockwellautomation Micrologix 1400 B Firmware
An exploitable file write vulnerability exists in the memory module functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before.
network
low complexity
rockwellautomation CWE-200
7.5
7.5
2018-06-04 CVE-2017-16055 Information Exposure vulnerability in Sqlserver Project Sqlserver
`sqlserver` was a malicious module published with the intent to hijack environment variables.
network
low complexity
sqlserver-project CWE-200
7.5
7.5
2018-06-04 CVE-2017-16054 Information Exposure vulnerability in Nodefabric Project Nodefabric
`nodefabric` was a malicious module published with the intent to hijack environment variables.
network
low complexity
nodefabric-project CWE-200
7.5
7.5