Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-02-05 CVE-2018-6626 Improper Input Validation vulnerability in Micropoint Proactive Defense 2.0.20266.0146
In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000035.
local
low complexity
micropoint CWE-20
7.8
2018-02-05 CVE-2018-6625 Improper Input Validation vulnerability in Watchdogdevelopment Anti-Malware 2.74.186.150
In WatchDog Anti-Malware 2.74.186.150, the driver file (ZAMGUARD32.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80002010.
local
low complexity
watchdogdevelopment CWE-20
7.8
2018-02-05 CVE-2017-9414 Cross-Site Request Forgery (CSRF) vulnerability in Subsonic 6.1.1
Cross-site request forgery (CSRF) vulnerability in the Subscribe to Podcast feature in Subsonic 6.1.1 allows remote attackers to hijack the authentication of unspecified victims for requests that conduct cross-site scripting (XSS) attacks or possibly have unspecified other impact via the name parameter to playerSettings.view.
network
low complexity
subsonic CWE-352
8.8
2018-02-05 CVE-2015-4179 Cross-Site Request Forgery (CSRF) vulnerability in Codestyling Localization Project Codestyling Localization
Multiple cross-site request forgery (CSRF) vulnerabilities in the Codestyling Localization plugin 1.99.30 and earlier for WordPress.
network
low complexity
codestyling-localization-project CWE-352
8.8
2018-02-05 CVE-2015-1418 Information Exposure vulnerability in FreeBSD 10.1/10.2
The do_ed_script function in pch.c in GNU patch through 2.7.6, and patch in FreeBSD 10.1 before 10.1-RELEASE-p17, 10.2 before 10.2-BETA2-p3, 10.2-RC1 before 10.2-RC1-p2, and 0.2-RC2 before 10.2-RC2-p1, allows remote attackers to execute arbitrary commands via a crafted patch file, because a '!' character can be passed to the ed program.
local
low complexity
freebsd CWE-200
7.8
2018-02-05 CVE-2015-1416 Permissions, Privileges, and Access Controls vulnerability in FreeBSD 10.0/10.1/10.2
Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; Bitrig; GNU patch before 2.2.5; and possibly other patch variants allow remote attackers to execute arbitrary shell commands via a crafted patch file.
local
low complexity
freebsd CWE-264
7.8
2018-02-05 CVE-2018-6461 Untrusted Search Path vulnerability in March-Hare Wincvs
March Hare WINCVS before 2.8.01 build 6610, and CVS Suite before 2009R2 build 6610, contains an Insecure Library Loading vulnerability in the wincvs2.exe or wincvs.exe file, which may allow local users to gain privileges via a Trojan horse Python or TCL DLL file in the current working directory.
local
low complexity
march-hare CWE-426
7.8
2018-02-05 CVE-2018-5797 Use of Hard-coded Credentials vulnerability in Extremenetworks Extremewireless Wing
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3.
high complexity
extremenetworks CWE-798
7.5
2018-02-05 CVE-2018-5796 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Extremewireless Wing
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3.
network
low complexity
extremewireless CWE-119
7.2
2018-02-05 CVE-2018-5789 XXE vulnerability in Extremewireless Wing
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3.
network
low complexity
extremewireless CWE-611
7.5