Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-12 | CVE-2018-0732 | Key Management Errors vulnerability in multiple products During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. | 7.5 |
| 2018-06-12 | CVE-2018-12233 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. | 7.8 |
| 2018-06-11 | CVE-2018-6961 | OS Command Injection vulnerability in VMWare NSX Sd-Wan BY Velocloud VMware NSX SD-WAN Edge by VeloCloud prior to version 3.1.0 contains a command injection vulnerability in the local web UI component. | 8.1 |
| 2018-06-11 | CVE-2018-5184 | Inadequate Encryption Strength vulnerability in multiple products Using remote content in encrypted messages can lead to the disclosure of plaintext. | 7.5 |
| 2018-06-11 | CVE-2018-5182 | Information Exposure vulnerability in multiple products If a text string that happens to be a filename in the operating system's native format is dragged and dropped onto the addressbar the specified local file will be opened. | 7.5 |
| 2018-06-11 | CVE-2018-5181 | Information Exposure vulnerability in multiple products If a URL using the "file:" protocol is dragged and dropped onto an open tab that is running in a different child process the tab will open a local file corresponding to the dropped URL, contrary to policy. | 7.5 |
| 2018-06-11 | CVE-2018-5180 | Use After Free vulnerability in multiple products A use-after-free vulnerability can occur during WebGL operations. | 7.5 |
| 2018-06-11 | CVE-2018-5178 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. | 8.1 |
| 2018-06-11 | CVE-2018-5177 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A vulnerability exists in XSLT during number formatting where a negative buffer size may be allocated in some instances, leading to a buffer overflow and crash if it occurs. | 7.5 |
| 2018-06-11 | CVE-2018-5174 | Unspecified vulnerability in Mozilla products In the Windows 10 April 2018 Update, Windows Defender SmartScreen honors the "SEE_MASK_FLAG_NO_UI" flag associated with downloaded files and will not show any UI. | 7.5 |