Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-30 | CVE-2018-10576 | Improper Authentication vulnerability in Watchguard Ap100 Firmware, Ap102 Firmware and Ap200 Firmware An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15. | 7.8 |
| 2018-04-30 | CVE-2018-1102 | Unspecified vulnerability in Redhat Openshift A flaw was found in source-to-image function as shipped with Openshift Enterprise 3.x. | 8.8 |
| 2018-04-30 | CVE-2018-5234 | Unspecified vulnerability in Symantec Norton Core Firmware The Norton Core router prior to v237 may be susceptible to a command injection exploit. low complexity symantec | 8.0 |
| 2018-04-30 | CVE-2018-9310 | Unspecified vulnerability in Magnicomp Sysinfo 10H76/10H80/10H81 An issue was discovered in MagniComp SysInfo before 10-H82 if setuid root (the default). | 7.8 |
| 2018-04-30 | CVE-2018-10573 | Unspecified vulnerability in Open-Emr Openemr interface/fax/fax_dispatch.php in OpenEMR before 5.0.1 allows remote authenticated users to bypass intended access restrictions via the scan parameter. | 8.8 |
| 2018-04-30 | CVE-2018-8839 | Out-of-bounds Write vulnerability in Deltaww Pmsoft 2.04/2.08/2.10 Delta PMSoft versions 2.10 and prior have multiple stack-based buffer overflow vulnerabilities where a .ppm file can introduce a value larger than is readable by PMSoft's fixed-length stack buffer. | 7.8 |
| 2018-04-30 | CVE-2018-7891 | Deserialization of Untrusted Data vulnerability in multiple products The Milestone XProtect Video Management Software (Corporate, Expert, Professional+, Express+, Essential+) 2016 R1 (10.0.a) to 2018 R1 (12.1a) contains .NET Remoting endpoints that are vulnerable to deserialization attacks resulting in remote code execution. | 8.1 |
| 2018-04-30 | CVE-2017-2591 | Out-of-bounds Read vulnerability in multiple products 389-ds-base before version 1.3.6 is vulnerable to an improperly NULL terminated array in the uniqueness_entry_to_config() function in the "attribute uniqueness" plugin of 389 Directory Server. | 7.5 |
| 2018-04-30 | CVE-2018-10550 | Improper Privilege Management vulnerability in Octopus Deploy In Octopus Deploy before 2018.4.7, target and tenant tag variable scopes were not checked against the list of tenants the user has access to. | 7.5 |
| 2018-04-29 | CVE-2018-10549 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. | 8.8 |