Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-06 | CVE-2017-6279 | Out-of-bounds Write vulnerability in Google Android NVIDIA libnvmmlite_audio.so contains an elevation of privilege vulnerability when running in media server which may cause an out of bounds write and could lead to local code execution in a privileged process. | 7.8 |
| 2018-02-06 | CVE-2017-6258 | Out-of-bounds Write vulnerability in Google Android NVIDIA libnvmmlite_audio.so contains an elevation of privilege vulnerability when running in media server which may cause an out of bounds write and could lead to local code execution in a privileged process. | 7.8 |
| 2018-02-06 | CVE-2018-6654 | Origin Validation Error vulnerability in Grammarly 20180202 The Grammarly extension before 2018-02-02 for Chrome allows remote attackers to discover authentication tokens via an 'action: "user"' request to iframe.gr_-ifr, because the exposure of these tokens is not restricted to any specific web site. | 8.8 |
| 2018-02-06 | CVE-2018-6569 | Improper Authentication vulnerability in West-Wind web Connection West Wind Web Server 6.x does not require authentication for /ADMIN.ASP. | 8.8 |
| 2018-02-05 | CVE-2018-6651 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products In the uncurl_ws_accept function in uncurl.c in uncurl before 0.07, as used in Parsec before 140-3, insufficient Origin header validation (accepting an arbitrary substring match) for WebSocket API requests allows remote attackers to bypass intended access restrictions. | 8.8 |
| 2018-02-05 | CVE-2018-6610 | Information Exposure vulnerability in Jlike Project Jlike 1.0 Information Leakage exists in the jLike 1.0 component for Joomla! via a task=getUserByCommentId request. | 7.5 |
| 2018-02-05 | CVE-2018-6635 | Inadequate Encryption Strength vulnerability in Avaya Aura System Manager in Avaya Aura before 7.1.2 does not properly use SSL in conjunction with authentication, which allows remote attackers to bypass intended Remote Method Invocation (RMI) restrictions, aka SMGR-26896. | 7.5 |
| 2018-02-05 | CVE-2018-6633 | Improper Input Validation vulnerability in Micropoint Proactive Defense 2.0.20266.0146 In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000038. | 7.8 |
| 2018-02-05 | CVE-2018-6632 | Improper Input Validation vulnerability in Micropoint Proactive Defense 2.0.20266.0146 In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000110. | 7.8 |
| 2018-02-05 | CVE-2018-6631 | Improper Input Validation vulnerability in Micropoint Proactive Defense 2.0.20266.0146 In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110009.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000170. | 7.8 |