Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-12 | CVE-2017-15842 | Use After Free vulnerability in Google Android Buffer might get used after it gets freed due to unlocking the mutex before freeing the buffer in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 7.8 |
2018-06-12 | CVE-2018-12254 | SQL Injection vulnerability in Harmistechnology EK Rishta 2.10 router.php in the Harmis Ek rishta (aka ek-rishta) 2.10 component for Joomla! allows SQL Injection via the PATH_INFO to a home/requested_user/Sent%20interest/ URI. | 8.8 |
2018-06-12 | CVE-2018-10509 | Unspecified vulnerability in Trendmicro Officescan 11.0/Xg A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a attacker to exploit it via a Browser Refresh attack on vulnerable installations. | 8.8 |
2018-06-12 | CVE-2018-10508 | Unspecified vulnerability in Trendmicro Officescan 11.0/Xg A vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a attacker to use a specially crafted URL to elevate account permissions on vulnerable installations. | 8.8 |
2018-06-12 | CVE-2018-5814 | Race Condition vulnerability in multiple products In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by sending multiple USB over IP packets. | 7.0 |
2018-06-12 | CVE-2018-5718 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Safensoft products Improper restriction of write operations within the bounds of a memory buffer in snscore.sys in SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, SoftControl/SafenSoft Enterprise Suite before version 4.4.1 allows local users to cause a denial of service (BSOD) or modify kernel-mode memory via loading of a forged DLL into an user-mode process. | 7.1 |
2018-06-12 | CVE-2018-2424 | Improper Input Validation vulnerability in SAP products SAP UI5 did not validate user input before adding it to the DOM structure. | 7.5 |
2018-06-12 | CVE-2011-4182 | Improper Input Validation vulnerability in Opensuse Sysconfig Missing escaping of ESSID values in sysconfig of SUSE Linux Enterprise allows attackers controlling an access point to cause execute arbitrary code. | 8.1 |
2018-06-12 | CVE-2018-12249 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in mruby 1.4.1. | 7.5 |
2018-06-12 | CVE-2018-12248 | Out-of-bounds Read vulnerability in Mruby 1.4.1 An issue was discovered in mruby 1.4.1. | 7.5 |