Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-14 | CVE-2018-6516 | Unspecified vulnerability in Puppet Enterprise Client Tools 16.4.0/17.3.0/18.1.0 On Windows only, with a specifically crafted configuration file an attacker could get Puppet PE client tools (aka pe-client-tools) 16.4.x prior to 16.4.6, 17.3.x prior to 17.3.6, and 18.1.x prior to 18.1.2 to load arbitrary code with privilege escalation. | 7.8 |
| 2018-06-14 | CVE-2018-12423 | Unspecified vulnerability in Matrix Synapse In Synapse before 0.31.2, unauthorised users can hijack rooms when there is no m.room.power_levels event in force. | 7.5 |
| 2018-06-14 | CVE-2018-12420 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Icehrm IceHrm before 23.0.1.OS has a risky usage of a hashed password in a request. | 7.5 |
| 2018-06-14 | CVE-2018-8819 | XXE vulnerability in Carrier Automatedlogic Webctrl 6.0/6.1/6.5 An XXE issue was discovered in Automated Logic Corporation (ALC) WebCTRL Versions 6.0, 6.1 and 6.5. | 7.5 |
| 2018-06-14 | CVE-2017-12070 | Improper Input Validation vulnerability in Opcfoundation Ua-.Net-Legacy 1.02.336.0 Unsigned versions of the DLLs distributed by the OPC Foundation may be replaced with malicious code. | 8.8 |
| 2018-06-14 | CVE-2018-12114 | Cross-Site Request Forgery (CSRF) vulnerability in Maccms 10.0 Maccms 10 allows CSRF via admin.php/admin/admin/info.html to add user accounts. | 8.8 |
| 2018-06-14 | CVE-2018-4833 | Unspecified vulnerability in Siemens products A vulnerability has been identified in RFID 181EIP (All versions), RUGGEDCOM Win (V4.4, V4.5, V5.0, and V5.1), SCALANCE X-200 switch family (incl. low complexity siemens | 8.8 |
| 2018-06-14 | CVE-2017-17309 | Path Traversal vulnerability in Huawei Hg255S-10 Firmware V100R001C163B025Sp02 Huawei HG255s-10 V100R001C163B025SP02 has a path traversal vulnerability due to insufficient validation of the received HTTP requests, a remote attacker may access the local files on the device without authentication. | 7.5 |
| 2018-06-14 | CVE-2017-17173 | Improper Input Validation vulnerability in Huawei Mate 9 PRO Fimware Lonal00B8.0.0.334(C00)/Lonal00B8.0.0.340A(C00) Due to insufficient parameters verification GPU driver of Mate 9 Pro Huawei smart phones with the versions before LON-AL00B 8.0.0.356(C00) has an arbitrary memory free vulnerability. | 7.8 |
| 2018-06-14 | CVE-2017-17172 | Improper Handling of Exceptional Conditions vulnerability in Huawei Lyo-L21 Huawei smart phones LYO-L21 with software LYO-L21C479B107, LYO-L21C479B107 have a privilege escalation vulnerability. | 7.3 |