Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-05 | CVE-2017-12088 | Improper Input Validation vulnerability in Rockwellautomation Micrologix 1400 B Firmware An exploitable denial of service vulnerability exists in the Ethernet functionality of the Allen Bradley Micrologix 1400 Series B FRN 21.2 and below. | 7.5 |
| 2018-04-05 | CVE-2017-2861 | Out-of-bounds Read vulnerability in Natus Xltek Neuroworks 8 An exploitable Denial of Service vulnerability exists in the use of a return value in the NewProducerStream command in Natus Xltek NeuroWorks 8. | 7.5 |
| 2018-04-05 | CVE-2017-0431 | Unspecified vulnerability in Google Android An elevation of privilege vulnerability in Qualcomm closed source components. | 7.8 |
| 2018-04-05 | CVE-2016-8482 | Permissions, Privileges, and Access Controls vulnerability in Google Android An elevation of privilege vulnerability in the NVIDIA GPU driver. | 7.8 |
| 2018-04-05 | CVE-2015-9016 | Race Condition vulnerability in Google Android In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request. | 7.0 |
| 2018-04-05 | CVE-2018-9233 | Use of Password Hash With Insufficient Computational Effort vulnerability in Sophos Endpoint Protection 10.7 Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%\Sophos\Sophos Anti-Virus\Config\machine.xml, which makes it easier for attackers to determine a cleartext password, and subsequently choose unsafe malware settings, via rainbow tables or other approaches. | 7.8 |
| 2018-04-05 | CVE-2018-3624 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel 2G Modem Firmware Buffer overflow in ETWS processing module Intel XMM71xx, XMM72xx, XMM73xx, XMM74xx and Sofia 3G/R allows remote attacker to potentially execute arbitrary code via an adjacent network. | 8.3 |
| 2018-04-05 | CVE-2016-8380 | Improper Authentication vulnerability in Phoenixcontact ILC Plcs Firmware The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication. | 7.3 |
| 2018-04-05 | CVE-2016-8371 | Improper Authentication vulnerability in Phoenixcontact ILC Plcs Firmware The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled. | 7.3 |
| 2018-04-05 | CVE-2016-8366 | Credentials Management vulnerability in Phoenixcontact ILC Plcs Firmware Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user. | 7.3 |