Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK

2018-02-03 CVE-2009-5144 7PK - Security Features vulnerability in MOD Gnutls Project MOD Gnutls
mod-gnutls does not validate client certificates when "GnuTLSClientVerify require" is set in a directory context, which allows remote attackers to spoof clients via a crafted certificate.
network, low complexity; mod-gnutls-project; CWE-254; Risk: 7.5

2018-02-02 CVE-2018-6318 Untrusted Search Path vulnerability in Sophos Tester 3.2.0.7
In Sophos Tester Tool 3.2.0.7 Beta, the driver loads (in the context of the application used to test an exploit or ransomware) the DLL using a payload that runs from NTDLL.DLL (so, it's run in userland), but the driver doesn't perform any validation of this DLL (not its signature, not its hash, etc.).
local, low complexity; sophos; CWE-426; Risk: 7.8

2018-02-02 CVE-2018-5261 Missing Encryption of Sensitive Data vulnerability in Flexense Diskboss
An issue was discovered in Flexense DiskBoss 8.8.16 and earlier.
network, high complexity; flexense; CWE-311; Risk: 8.1

2018-02-02 CVE-2016-0312 Information Exposure vulnerability in IBM Tririga Application Platform
IBM TRIRIGA Application Platform before 3.3.2 allows remote attackers to obtain sensitive information via vectors related to granting unauthenticated access to Document Manager.
network, low complexity; ibm; CWE-200; Risk: 7.5

2018-02-02 CVE-2014-1835 Credentials Management vulnerability in Echor Project Echor 0.1.6
The perform_request function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to steal the login credentials by watching the process table.
local, low complexity; echor-project; CWE-255; Risk: 7.8

2018-02-02 CVE-2014-1834 Command Injection vulnerability in Echor Project Echor 0.1.6
The perform_request function in /lib/echor/backplane.rb in echor 0.1.6 Ruby Gem allows local users to inject arbitrary code by adding a semi-colon in their username or password.
local, low complexity; echor-project; CWE-77; Risk: 7.8

2018-02-02 CVE-2017-5727 NULL Pointer Dereference vulnerability in Intel Graphics Driver
Pointer dereference in subsystem in Intel Graphics Driver 15.40.x.x, 15.45.x.x, 15.46.x.x allows unprivileged user to elevate privileges via local access.
local, low complexity; intel; CWE-476; Risk: 7.8

2018-02-02 CVE-2017-18122 Improper Verification of Cryptographic Signature vulnerability in multiple products
A signature-validation bypass issue was discovered in SimpleSAMLphp through 1.14.16.
network, high complexity; simplesamlphp, debian; CWE-347; Risk: 8.1

2018-02-02 CVE-2018-6560 Interpretation Conflict vulnerability in multiple products
In dbus-proxy/flatpak-proxy.c in Flatpak before 0.8.9, and 0.9.x and 0.10.x before 0.10.3, crafted D-Bus messages to the host can be used to break out of the sandbox, because whitespace handling in the proxy is not identical to whitespace handling in the daemon.
local, low complexity; flatpak, redhat; CWE-436; Risk: 8.8

2018-02-02 CVE-2017-18080 Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Bamboo
The saveConfigureSecurity resource in Atlassian Bamboo before version 6.3.1 allows remote attackers to modify security settings via a Cross-site request forgery (CSRF) vulnerability.
network, low complexity; atlassian; CWE-352; Risk: 8.8