Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-02-06 CVE-2018-6769 Improper Input Validation vulnerability in Jiangmin Antivirus 16.0.0.100
In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x99008020.
local
low complexity
jiangmin CWE-20
7.8
2018-02-06 CVE-2018-6768 Improper Input Validation vulnerability in Jiangmin Antivirus 16.0.0.100
In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9A008090.
local
low complexity
jiangmin CWE-20
7.8
2018-02-06 CVE-2018-6767 Out-of-bounds Read vulnerability in multiple products
A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service attack or possibly have unspecified other impact via a maliciously crafted RF64 file.
local
low complexity
wavpack debian canonical CWE-125
7.8
2018-02-06 CVE-2018-5457 Uncontrolled Search Path Element vulnerability in Vyaire Carefusion Upgrade Utility 2.0.2.2
An uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 2.0.2.2 and prior versions.
local
high complexity
vyaire CWE-427
7.0
2018-02-06 CVE-2018-1299 Path Traversal vulnerability in Apache Allura
In Apache Allura before 1.8.0, unauthenticated attackers may retrieve arbitrary files through the Allura web application.
network
low complexity
apache CWE-22
7.5
2018-02-06 CVE-2016-3952 Credentials Management vulnerability in Web2Py
web2py before 2.14.1, when using the standalone version, allows remote attackers to obtain environment variable values via a direct request to examples/template_examples/beautify.
local
low complexity
web2py CWE-255
7.8
2018-02-06 CVE-2018-6389 Resource Exhaustion vulnerability in Wordpress
In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times.
network
low complexity
wordpress CWE-400
7.5
2018-02-06 CVE-2017-6201 Server-Side Request Forgery (SSRF) vulnerability in Sandstorm
A Server Side Request Forgery vulnerability exists in the install app process in Sandstorm before build 0.203.
network
low complexity
sandstorm CWE-918
8.1
2018-02-06 CVE-2017-17996 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Flexense Syncbreeze
A buffer overflow vulnerability in "Add command" functionality exists in Flexense SyncBreeze Enterprise <= 10.3.14.
network
low complexity
flexense CWE-119
8.8
2018-02-06 CVE-2014-5282 Improper Input Validation vulnerability in Docker
Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'.
network
low complexity
docker CWE-20
8.1