Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-06 | CVE-2018-5841 | Insecure Default Initialization of Resource vulnerability in Google Android dcc_curr_list is initialized with a default invalid value that is expected to be programmed by the user through a sysfs node which could lead to an invalid access in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 7.8 |
| 2018-06-06 | CVE-2018-5840 | Classic Buffer Overflow vulnerability in Google Android Buffer Copy without Checking Size of Input can occur during the DRM SDE driver initialization sequence in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 7.8 |
| 2018-06-06 | CVE-2018-3852 | Improper Input Validation vulnerability in Onssi Ocularis 5.5.0.242 An exploitable denial of service vulnerability exists in the Ocularis Recorder functionality of Ocularis 5.5.0.242. | 7.5 |
| 2018-06-06 | CVE-2018-3580 | Out-of-bounds Write vulnerability in Google Android Stack-based buffer overflow can occur In the WLAN driver if the pmkid_count value is larger than the PMKIDCache size in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 7.8 |
| 2018-06-06 | CVE-2018-3578 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android Type mismatch for ie_len can cause the WLAN driver to allocate less memory on the heap due to implicit casting leading to a heap buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 7.8 |
| 2018-06-06 | CVE-2018-3565 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android While sending a probe request indication in lim_send_sme_probe_req_ind() in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, a buffer overflow can occur. | 7.8 |
| 2018-06-06 | CVE-2017-18154 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A crafted binder request can cause an arbitrary unmap in MediaServer in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 7.8 |
| 2018-06-06 | CVE-2018-1265 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products Cloud Foundry Diego, release versions prior to 2.8.0, does not properly sanitize file paths in tar and zip files headers. | 7.2 |
| 2018-06-06 | CVE-2017-7906 | Cross-Site Request Forgery (CSRF) vulnerability in ABB IP Gateway Firmware 3.39 In ABB IP GATEWAY 3.39 and prior, the web server does not sufficiently verify that a request was performed by the authenticated user, which may allow an attacker to launch a request impersonating that user. | 8.8 |
| 2018-06-06 | CVE-2018-1000203 | Unspecified vulnerability in Soarlabs Soarcoin 4A2Aa71Ee21014E2880A3F7Aad11091Ed6Ad434F Soar Labs Soar Coin version up to and including git commit 4a2aa71ee21014e2880a3f7aad11091ed6ad434f (latest release as of Sept 2017) contains an intentional backdoor vulnerability in the function zero_fee_transaction() that can result in theft of Soar Coins by the "onlycentralAccount" (Soar Labs) after payment is processed. | 7.5 |