Vulnerabilities > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VECTOR / COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|
| 2018-03-09 | CVE-2018-0521 | Missing Authentication for Critical Function vulnerability in Buffalo Wxr-1900Dhp2 Firmware 2.48 | Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors. | low complexity | buffalo | CWE-306 | 8.8 |
| 2018-03-09 | CVE-2017-10854 | Missing Authentication for Critical Function vulnerability in Corega Cg-Wgr 1200 Firmware 2.20 | Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to bypass authentication and change the login password via unspecified vectors. | low complexity | corega | CWE-306 | 8.8 |
| 2018-03-09 | CVE-2017-10853 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Corega Cg-Wgr 1200 Firmware 2.20 | Buffer overflow in Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to execute arbitrary commands via unspecified vectors. | low complexity | corega | CWE-119 | 8.8 |
| 2018-03-09 | CVE-2017-10852 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Corega Cg-Wgr 1200 Firmware 2.20 | Buffer overflow in Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to execute arbitrary code via unspecified vectors. | low complexity | corega | CWE-119 | 8.8 |
| 2018-03-09 | CVE-2018-1069 | Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Openshift 3.7 | Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container network filesystems. | high complexity | redhat | CWE-732 | 7.1 |
| 2018-03-08 | CVE-2018-7889 | Deserialization of Untrusted Data vulnerability in Calibre-Ebook Calibre 3.18.0 | gui2/viewer/bookmarkmanager.py in Calibre 3.18 calls cPickle.load on imported bookmark data, which allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call. | local; low complexity | calibre-ebook | CWE-502 | 7.8 |
| 2018-03-08 | CVE-2018-5313 | Incorrect Permission Assignment for Critical Resource vulnerability in Rapidscada Rapid Scada 5.5.0 | A vulnerability allows local attackers to escalate privilege on Rapid Scada 5.5.0 because of weak C:\SCADA permissions. | local; low complexity | rapidscada | CWE-732 | 7.8 |
| 2018-03-08 | CVE-2014-7272 | Permissions, Privileges, and Access Controls vulnerability in multiple products | Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to gain root privileges because code running as root performs write operations within a user home directory, and this user may have created links in advance (exploitation requires the user to win a race condition in the ~/.Xauthority chown case, but not other cases). | local; low complexity | sddm-project, fedoraproject | CWE-264 | 7.8 |
| 2018-03-08 | CVE-2014-7271 | Missing Authentication for Critical Function vulnerability in multiple products | Simple Desktop Display Manager (SDDM) before 0.10.0 allows local users to log in as user "sddm" without authentication. | local; low complexity | sddm-project, fedoraproject | CWE-306 | 7.8 |
| 2018-03-08 | CVE-2018-7871 | Out-of-bounds Read vulnerability in multiple products | There is a heap-based buffer over-read in the getName function of util/decompile.c in libming 0.4.8 for CONSTANT16 data. | network; low complexity | libming, debian | CWE-125 | 8.8 |