Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-12 | CVE-2018-1086 | Information Exposure vulnerability in multiple products pcs before versions 0.9.164 and 0.10 is vulnerable to a debug parameter removal bypass. | 7.5 |
| 2018-04-12 | CVE-2018-9118 | Path Traversal vulnerability in 99Robots WP Background Takeover Advertisements exports/download.php in the 99 Robots WP Background Takeover Advertisements plugin before 4.1.5 for WordPress has Directory Traversal via a .. | 7.5 |
| 2018-04-12 | CVE-2017-6910 | Information Exposure vulnerability in multiple products The HTTP and WebSocket engine components in the server in Kaazing Gateway before 4.5.3 hotfix-1, Gateway - JMS Edition before 4.0.5 hotfix-15, 4.0.6 before hotfix-4, 4.0.7, 4.0.9 before hotfix-19, 4.4.x before 4.4.2 hotfix-1, 4.5.x before 4.5.3 hotfix-1, and Gateway Community and Enterprise Editions before 5.6.0 allow remote attackers to bypass intended access restrictions and obtain sensitive information via vectors related to HTTP request handling. | 7.5 |
| 2018-04-12 | CVE-2014-6633 | Command Injection vulnerability in Tryton The safe_eval function in trytond in Tryton before 2.4.15, 2.6.x before 2.6.14, 2.8.x before 2.8.11, 3.0.x before 3.0.7, and 3.2.x before 3.2.3 allows remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the collection.domain in the webdav module or (2) the formula field in the price_list module. | 8.8 |
| 2018-04-12 | CVE-2014-6309 | Information Exposure vulnerability in Tenefit Kaazing Websocket Gateway 4.0.2/4.0.3/4.0.4 The HTTP and WebSocket engine components in the server in Kaazing Gateway 4.0.2, 4.0.3, and 4.0.4 and Gateway - JMS Edition 4.0.2, 4.0.3, and 4.0.4 allow remote attackers to obtain sensitive information via vectors related to HTTP request handling. | 7.5 |
| 2018-04-12 | CVE-2018-9860 | Off-by-one Error vulnerability in Botan Project Botan An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0. | 7.5 |
| 2018-04-12 | CVE-2018-1030 | Unspecified vulnerability in Microsoft Office 2013/2016 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. | 8.8 |
| 2018-04-12 | CVE-2018-1029 | Unspecified vulnerability in Microsoft Excel, Excel Viewer and Office Compatibility Pack A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel. | 7.8 |
| 2018-04-12 | CVE-2018-1028 | Code Injection vulnerability in Microsoft products A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts, aka "Microsoft Office Graphics Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft SharePoint, Excel, Microsoft SharePoint Server. | 8.8 |
| 2018-04-12 | CVE-2018-1027 | Unspecified vulnerability in Microsoft Excel and Office Compatibility Pack A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel, Microsoft Office. | 7.8 |