Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-21 | CVE-2018-5958 | Improper Input Validation vulnerability in Zillya Zillya! Antivirus 3.0.2230.0 In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402424. | 7.8 |
| 2018-01-21 | CVE-2018-5957 | Improper Input Validation vulnerability in Zillya Zillya! Antivirus 3.0.2230.0 In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C40242C. | 7.8 |
| 2018-01-21 | CVE-2018-5956 | Improper Input Validation vulnerability in Zillya Zillya! Antivirus 3.0.2230.0 In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402414. | 7.8 |
| 2018-01-21 | CVE-2016-10708 | NULL Pointer Dereference vulnerability in multiple products sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c. | 7.5 |
| 2018-01-20 | CVE-2017-15112 | Information Exposure vulnerability in Keycloak-Httpd-Client-Install Project Keycloak-Httpd-Client-Install keycloak-httpd-client-install versions before 0.8 allow users to insecurely pass password through command line, leaking it via command history and process info to other local users. | 7.8 |
| 2018-01-20 | CVE-2017-15108 | spice-vdagent up to and including 0.17.0 does not properly escape save directory before passing to shell, allowing local attacker with access to the session the agent runs in to inject arbitrary commands to be executed. | 7.8 |
| 2018-01-20 | CVE-2017-12130 | NULL Pointer Dereference vulnerability in Tinysvcmdns Project Tinysvcmdns 20171105 An exploitable NULL pointer dereference vulnerability exists in the tinysvcmdns library version 2017-11-05. | 7.5 |
| 2018-01-19 | CVE-2017-14460 | Unspecified vulnerability in Parity Ethereum Client 1.7.8 An exploitable overly permissive cross-domain (CORS) whitelist vulnerability exists in JSON-RPC of Parity Ethereum client version 1.7.8. | 7.5 |
| 2018-01-19 | CVE-2017-14457 | Out-of-bounds Read vulnerability in Ethereum Virtual Machine An exploitable information leak/denial of service vulnerability exists in the libevm (Ethereum Virtual Machine) `create2` opcode handler of CPP-Ethereum. | 8.2 |
| 2018-01-19 | CVE-2017-12119 | Improper Check for Unusual or Exceptional Conditions vulnerability in Ethereum Cpp-Ethereum An exploitable unhandled exception vulnerability exists in multiple APIs of CPP-Ethereum JSON-RPC. | 7.5 |