Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-12 | CVE-2018-12247 | NULL Pointer Dereference vulnerability in Mruby 1.4.1 An issue was discovered in mruby 1.4.1. | 7.5 |
| 2018-06-12 | CVE-2017-3960 | Unspecified vulnerability in Mcafee Network Security Manager Exploitation of Authorization vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows authenticated users to gain elevated privileges via a crafted HTTP request parameter. | 8.8 |
| 2018-06-12 | CVE-2018-1075 | Unspecified vulnerability in Ovirt ovirt-engine up to version 4.2.3 is vulnerable to an unfiltered password when choosing manual db provisioning. | 7.8 |
| 2018-06-12 | CVE-2018-1070 | Improper Input Validation vulnerability in Redhat Openshift Container Platform routing before version 3.10 is vulnerable to an improper input validation of the Openshift Routing configuration which can cause an entire shard to be brought down. | 7.5 |
| 2018-06-12 | CVE-2018-0732 | Key Management Errors vulnerability in multiple products During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. | 7.5 |
| 2018-06-12 | CVE-2018-12233 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. | 7.8 |
| 2018-06-11 | CVE-2018-6961 | OS Command Injection vulnerability in VMWare NSX Sd-Wan BY Velocloud VMware NSX SD-WAN Edge by VeloCloud prior to version 3.1.0 contains a command injection vulnerability in the local web UI component. | 8.1 |
| 2018-06-11 | CVE-2018-5184 | Inadequate Encryption Strength vulnerability in multiple products Using remote content in encrypted messages can lead to the disclosure of plaintext. | 7.5 |
| 2018-06-11 | CVE-2018-5182 | Information Exposure vulnerability in multiple products If a text string that happens to be a filename in the operating system's native format is dragged and dropped onto the addressbar the specified local file will be opened. | 7.5 |
| 2018-06-11 | CVE-2018-5181 | Information Exposure vulnerability in multiple products If a URL using the "file:" protocol is dragged and dropped onto an open tab that is running in a different child process the tab will open a local file corresponding to the dropped URL, contrary to policy. | 7.5 |