Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-28 | CVE-2018-8885 | Race Condition vulnerability in Canonical Screen-Resolution-Extra and Ubuntu Linux screenresolution-mechanism in screen-resolution-extra 0.17.2 does not properly use the PolicyKit D-Bus API, which allows local users to bypass intended access restrictions by leveraging a race condition via a setuid or pkexec process that is mishandled in a PolicyKitService._check_permission call. | 7.0 |
| 2018-03-28 | CVE-2018-8820 | SQL Injection vulnerability in Square-9 Globalforms 6.2 An issue was discovered in Square 9 GlobalForms 6.2.x. | 7.5 |
| 2018-03-28 | CVE-2018-1064 | Resource Exhaustion vulnerability in multiple products libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent. | 7.5 |
| 2018-03-28 | CVE-2017-11509 | SQL Injection vulnerability in multiple products An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement. | 8.8 |
| 2018-03-28 | CVE-2018-1083 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. | 7.8 |
| 2018-03-28 | CVE-2018-9108 | Cross-Site Request Forgery (CSRF) vulnerability in Quickappscms Quickapps CMS 2.0.0 CSRF in /admin/user/manage/add in QuickAppsCMS 2.0.0-beta2 allows an unauthorized remote attacker to create an account with admin privileges. | 8.8 |
| 2018-03-28 | CVE-2018-9107 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Acyba Acymailing CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in the Acyba AcyMailing extension before 5.9.6 for Joomla! via a value that is mishandled in a CSV export. | 8.8 |
| 2018-03-28 | CVE-2018-9106 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Acyba Acysms CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in the Acyba AcySMS extension before 3.5.1 for Joomla! via a value that is mishandled in a CSV export. | 8.8 |
| 2018-03-27 | CVE-2018-9105 | Improper Authentication vulnerability in Nordvpn 3.3.10 NordVPN 3.3.10 for macOS suffers from a root privilege escalation vulnerability. | 8.8 |
| 2018-03-27 | CVE-2018-9092 | Cross-Site Request Forgery (CSRF) vulnerability in 1234N Minicms 1.10 There is a CSRF vulnerability in mc-admin/conf.php in MiniCMS 1.10 that can change the administrator account password. | 8.8 |