Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-03-13 CVE-2018-1000098 Integer Overflow or Wraparound vulnerability in multiple products
Teluu PJSIP version 2.7.1 and earlier contains a Integer Overflow vulnerability in pjmedia SDP parsing that can result in Crash.
network
low complexity
teluu debian CWE-190
7.5
2018-03-13 CVE-2018-1000097 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Sharutils sharutils (unshar command) version 4.15.2 contains a Buffer Overflow vulnerability in Affected component on the file unshar.c at line 75, function looks_like_c_code.
local
low complexity
debian canonical gnu CWE-119
7.8
2018-03-13 CVE-2018-1000096 Improper Certificate Validation vulnerability in Tiny-Json-Http Project Tiny-Json-Http
brianleroux tiny-json-http version all versions since commit 9b8e74a232bba4701844e07bcba794173b0238a8 (Oct 29 2016) contains a Missing SSL certificate validation vulnerability in The libraries core functionality is affected.
network
high complexity
tiny-json-http-project CWE-295
8.1
2018-03-13 CVE-2018-1000094 Unrestricted Upload of File with Dangerous Type vulnerability in Cmsmadesimple CMS Made Simple 2.2.5
CMS Made Simple version 2.2.5 contains a Remote Code Execution vulnerability in File Manager that can result in Allows an authenticated admin that has access to the file manager to execute code on the server.
network
low complexity
cmsmadesimple CWE-434
7.2
2018-03-12 CVE-2018-7562 Unrestricted Upload of File with Dangerous Type vulnerability in Glpi-Project Glpi
A remote code execution issue was discovered in GLPI through 9.2.1.
network
high complexity
glpi-project CWE-434
7.5
2018-03-12 CVE-2018-6623 Incorrect Permission Assignment for Critical Resource vulnerability in Hola VPN 1.79.859
An issue was discovered in Hola 1.79.859.
network
low complexity
hola CWE-732
8.8
2018-03-12 CVE-2018-6400 Unspecified vulnerability in Kingsoftstore WPS Office Free 10.2.0.5978
Kingsoft WPS Office Free 10.2.0.5978 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of \\.\pipe\WPSCloudSvr\WpsCloudSvr -- an "insecurely created named pipe." Ensures full access to Everyone users group.
local
low complexity
kingsoftstore
7.8
2018-03-12 CVE-2018-6322 Unspecified vulnerability in Pandasecurity Panda Global Protection 17.0.1
Panda Global Protection 17.0.1 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of \.\pipe\PSANMSrvcPpal -- an "insecurely created named pipe." Ensures full access to Everyone users group.
local
low complexity
pandasecurity
7.8
2018-03-12 CVE-2018-6321 Unquoted Search Path or Element vulnerability in Pandasecurity Panda Global Protection 17.0.1
Unquoted Windows search path vulnerability in the panda_url_filtering service in Panda Global Protection 17.0.1 allows local users to gain privileges via a malicious artefact.
local
low complexity
pandasecurity CWE-428
7.8
2018-03-12 CVE-2018-6183 Unspecified vulnerability in Bitdefender Total Security 2018
BitDefender Total Security 2018 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of an "insecurely created named pipe".
local
low complexity
bitdefender
7.8