Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-06 | CVE-2017-15519 | Improper Authentication vulnerability in Netapp Snapcenter Server 2.0/3.0/3.0.1 Versions of SnapCenter 2.0 through 3.0.1 allow unauthenticated remote attackers to view and modify backup related data via the Plug-in for NAS File Services. | 7.2 |
| 2018-03-06 | CVE-2018-7735 | SQL Injection vulnerability in Afian Filerun Afian FileRun (before 2018.02.13) suffers from a remote SQL injection vulnerability, when logged in as superuser, via the search parameter in a /?module=metadata§ion=cpanel&page=list_filetypes request. | 7.2 |
| 2018-03-06 | CVE-2018-7734 | SQL Injection vulnerability in Afian Filerun Afian FileRun (before 2018.02.13) suffers from a remote SQL injection vulnerability, when logged in as superuser, via the search parameter in a /?module=users§ion=cpanel&page=list request. | 7.2 |
| 2018-03-06 | CVE-2018-7733 | Cross-Site Request Forgery (CSRF) vulnerability in Yxtcmf 3.1 An issue was discovered in YxtCMF 3.1. | 8.8 |
| 2018-03-06 | CVE-2018-1000100 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products GPAC MP4Box version 0.7.1 and earlier contains a Buffer Overflow vulnerability in src/isomedia/avc_ext.c lines 2417 to 2420 that can result in Heap chunks being modified, this could lead to RCE. | 7.8 |
| 2018-03-06 | CVE-2017-6296 | Race Condition vulnerability in multiple products NVIDIA TrustZone Software contains a TOCTOU issue in the DRM application which may lead to the denial of service or possible escalation of privileges. | 7.0 |
| 2018-03-06 | CVE-2017-6295 | Out-of-bounds Read vulnerability in multiple products NVIDIA TrustZone Software contains a vulnerability in the Keymaster implementation where the software reads data past the end, or before the beginning, of the intended buffer; and may lead to denial of service or information disclosure. | 8.4 |
| 2018-03-06 | CVE-2017-6282 | Write-what-where Condition vulnerability in multiple products NVIDIA Tegra kernel driver contains a vulnerability in NVMAP where an attacker has the ability to write an arbitrary value to an arbitrary location which may lead to an escalation of privileges. | 7.8 |
| 2018-03-06 | CVE-2017-6280 | Out-of-bounds Read vulnerability in Google Android NVIDIA driver contains a possible out-of-bounds read vulnerability due to a leak which may lead to information disclosure. | 7.5 |
| 2018-03-06 | CVE-2018-7307 | Cross-Site Request Forgery (CSRF) vulnerability in Auth0 Auth0.Js The Auth0 Auth0.js library before 9.3 has CSRF because it mishandles the case where the authorization response lacks the state parameter. | 8.8 |