Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-31 | CVE-2018-6479 | Unspecified vulnerability in Seasofsolutions IP Camera Firmware An issue was discovered on Netwave IP Camera devices. | 7.5 |
| 2018-01-31 | CVE-2018-0136 | Unspecified vulnerability in Cisco IOS XR 5.3.4 A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition. | 8.6 |
| 2018-01-31 | CVE-2017-16945 | Incorrect Permission Assignment for Critical Resource vulnerability in Haystacksoftware ARQ The standardrestorer binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a crafted restore path. | 7.8 |
| 2018-01-31 | CVE-2017-16928 | Incorrect Permission Assignment for Critical Resource vulnerability in Haystacksoftware ARQ The arq_updater binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a crafted update URL, as demonstrated by file:///tmp/blah/Arq.zip. | 7.8 |
| 2018-01-31 | CVE-2017-15656 | Insufficiently Protected Credentials vulnerability in Asus Asuswrt 3.0.0.4.378/3.0.0.4.380.7743 Password are stored in plaintext in nvram in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt. | 8.8 |
| 2018-01-31 | CVE-2017-15654 | Use of Insufficiently Random Values vulnerability in Asus Asuswrt 3.0.0.4.378/3.0.0.4.380.7743 Highly predictable session tokens in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allow gaining administrative router access. | 8.3 |
| 2018-01-31 | CVE-2017-15653 | Insufficient Session Expiration vulnerability in Asus Asuswrt Improper administrator IP validation after his login in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allows an unauthorized user to execute any action knowing administrator session token by using a specific User-Agent string. | 8.8 |
| 2018-01-31 | CVE-2018-6475 | Untrusted Search Path vulnerability in Superantispyware 6.0.1254 In SUPERAntiSpyware Professional Trial 6.0.1254, SUPERAntiSpyware.exe allows DLL hijacking, leading to Escalation of Privileges. | 7.8 |
| 2018-01-31 | CVE-2018-6474 | Improper Input Validation vulnerability in Superantispyware 6.0.1254 In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file (SASKUTIL.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402148. | 7.8 |
| 2018-01-31 | CVE-2018-6473 | Improper Input Validation vulnerability in Superantispyware 6.0.1254 In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file (SASKUTIL.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402080. | 7.8 |