Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-04-11 CVE-2018-3888 Out-of-bounds Write vulnerability in Pl32 Photoline 20.53
A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53.
local
low complexity
pl32 CWE-787
7.8
7.8
2018-04-11 CVE-2018-3887 Out-of-bounds Write vulnerability in Pl32 Photoline 20.53
A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53.
local
low complexity
pl32 CWE-787
7.8
7.8
2018-04-11 CVE-2018-3886 Out-of-bounds Write vulnerability in Pl32 Photoline 20.53
A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53.
local
low complexity
pl32 CWE-787
7.8
7.8
2018-04-11 CVE-2018-10054 Improper Input Validation vulnerability in multiple products
H2 1.4.197, as used in Datomic before 0.9.5697 and other products, allows remote code execution because CREATE ALIAS can execute arbitrary Java code.
network
low complexity
h2database cognitect CWE-20
8.8
8.8
2018-04-11 CVE-2018-10050 SQL Injection vulnerability in Iscripts Eswap 2.4
iScripts eSwap v2.4 has SQL injection via the "registration_settings.php" ddlFree parameter in the Admin Panel.
network
low complexity
iscripts CWE-89
7.2
7.2
2018-04-11 CVE-2018-10048 Cross-Site Request Forgery (CSRF) vulnerability in Iscripts Eswap 2.4
iScripts eSwap v2.4 has CSRF via "registration_settings.php" in the Admin Panel.
network
low complexity
iscripts CWE-352
8.8
8.8
2018-04-11 CVE-2018-1100 zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function.
local
low complexity
zsh canonical redhat
7.8
7.8
2018-04-11 CVE-2018-10031 Cross-Site Request Forgery (CSRF) vulnerability in Cmsmadesimple CMS Made Simple
CMS Made Simple (aka CMSMS) 2.2.7 has CSRF in admin/moduleinterface.php.
network
low complexity
cmsmadesimple CWE-352
8.8
8.8
2018-04-11 CVE-2018-10030 Cross-Site Request Forgery (CSRF) vulnerability in Cmsmadesimple CMS Made Simple
CMS Made Simple (aka CMSMS) 2.2.7 has CSRF in admin/siteprefs.php.
network
low complexity
cmsmadesimple CWE-352
8.8
8.8
2018-04-11 CVE-2018-0022 Resource Exhaustion vulnerability in Juniper Junos
A Junos device with VPLS routing-instances configured on one or more interfaces may be susceptible to an mbuf leak when processing a specific MPLS packet.
network
low complexity
juniper CWE-400
7.5
7.5