Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-16 | CVE-2018-11222 | Improper Input Validation vulnerability in Artica Pandora FMS Local File Inclusion (LFI) in Artica Pandora FMS through version 7.23 allows an attacker to call any php file via the /pandora_console/ajax.php ajax endpoint. | 7.5 |
| 2018-06-15 | CVE-2018-5863 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android If userspace provides a too-large WPA RSN IE length in wlan_hdd_cfg80211_set_ie(), a buffer overflow occurs in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. | 7.8 |
| 2018-06-15 | CVE-2018-12492 | Improper Input Validation vulnerability in PHPok 4.9.032 PHPOK 4.9.032 has an arbitrary file deletion vulnerability in the delfile_f function in framework/admin/tpl_control.php. | 7.5 |
| 2018-06-15 | CVE-2018-12035 | Out-of-bounds Write vulnerability in Virustotal Yara In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c. | 7.8 |
| 2018-06-15 | CVE-2018-12034 | Out-of-bounds Read vulnerability in Virustotal Yara In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yr_execute_code in libyara/exec.c. | 7.8 |
| 2018-06-15 | CVE-2018-5857 | Use After Free vulnerability in Google Android In the WCD CPE codec, a Use After Free condition can occur in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. | 7.8 |
| 2018-06-15 | CVE-2018-5854 | Out-of-bounds Write vulnerability in Google Android A stack-based buffer overflow can occur in fastboot from all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. | 7.8 |
| 2018-06-15 | CVE-2018-1460 | Improper Privilege Management vulnerability in IBM Puredata System for Analytics 1.0.0 IBM Netezza Platform Software (IBM PureData System for Analytics 1.0.0) could allow a local user to modify a world writable file, which could be used to execute commands as root. | 7.8 |
| 2018-06-15 | CVE-2018-12457 | Incorrect Permission Assignment for Critical Resource vulnerability in Expresscart Project Expresscart expressCart before 1.1.6 allows remote attackers to create an admin user via a /admin/setup Referer header. | 8.8 |
| 2018-06-15 | CVE-2018-12447 | Integer Overflow or Wraparound vulnerability in Libbpg Project Libbpg 0.9.8 The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.8 and other products, has an integer overflow that leads to a heap-based buffer overflow and remote code execution. | 8.8 |