Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-01-16 | CVE-2017-16549 | Out-of-bounds Write vulnerability in K7Computing products: K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set of IOCTL calls. | 7.8 |
2018-01-16 | CVE-2017-11072 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android: In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while calculating CRC for GPT header fields with partition entries greater than 16384 buffer overflow occurs. | 7.8 |
2018-01-16 | CVE-2018-5706 | Improper Privilege Management vulnerability in Octopus Deploy: An issue was discovered in Octopus Deploy before 4.1.9. | 8.8 |
2018-01-16 | CVE-2018-5709 | Integer Overflow or Wraparound vulnerability in MIT Kerberos: An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. | 7.5 |
2018-01-15 | CVE-2018-5329 | Cross-Site Request Forgery (CSRF) vulnerability in Beims Contractorweb.Net 5.18.0.0: ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) on /CWEBNET/* authenticated pages. | 8.8 |
2018-01-15 | CVE-2018-5702 | Transmission through 2.92 relies on X-Transmission-Session-Id (which is not a forbidden header for Fetch) for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a DNS rebinding attack. | 8.8 |
2018-01-14 | CVE-2018-5700 | Path Traversal vulnerability in Magicwinmail Winmail Server: Winmail Server through 6.2 allows remote code execution by authenticated users who leverage directory traversal in a netdisk.php copy_folder_file call (in inc/class.ftpfolder.php) to move a .php file from the FTP folder into a web folder. | 8.8 |
2018-01-14 | CVE-2017-15126 | Unspecified vulnerability in Linux Kernel: A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6. | 8.1 |
2018-01-14 | CVE-2018-5698 | Out-of-bounds Read vulnerability in Wizardmac Readstat 0.1.1: libreadstat.a in WizardMac ReadStat 0.1.1 has a heap-based buffer over-read via an unterminated string. | 7.8 |
2018-01-14 | CVE-2018-5697 | SQL Injection vulnerability in Icyphoenix 2.2.0.105: Icy Phoenix 2.2.0.105 allows SQL injection via an unapprove request to admin_kb_art.php or the order parameter to admin_jr_admin.php, related to functions_kb.php. | 7.2 |