Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-15 | CVE-2017-2608 | Deserialization of Untrusted Data vulnerability in Jenkins Jenkins before versions 2.44, 2.32.2 is vulnerable to a remote code execution vulnerability involving the deserialization of various types in javax.imageio in XStream-based APIs (SECURITY-383). | 8.8 |
| 2018-05-15 | CVE-2018-11126 | Cross-Site Request Forgery (CSRF) vulnerability in Doorgets 7.0 dg-user/?controller=users&action=add in doorGets 7.0 has CSRF that results in adding an administrator account. | 8.8 |
| 2018-05-15 | CVE-2017-2815 | XXE vulnerability in Igniterealtime User Import Export 2.6.0 An exploitable XML entity injection vulnerability exists in OpenFire User Import Export Plugin 2.6.0. | 8.1 |
| 2018-05-15 | CVE-2018-1087 | kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. | 7.8 |
| 2018-05-15 | CVE-2018-1131 | Deserialization of Untrusted Data vulnerability in multiple products Infinispan permits improper deserialization of trusted data via XML and JSON transcoders under certain server configurations. | 8.8 |
| 2018-05-15 | CVE-2018-11102 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libav 12.3 An issue was discovered in Libav 12.3. | 7.5 |
| 2018-05-15 | CVE-2018-11100 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libming The decompileSETTARGET function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact. | 8.8 |
| 2018-05-15 | CVE-2018-11098 | Unrestricted Upload of File with Dangerous Type vulnerability in Frog CMS Project Frog CMS 0.9.5 An issue was discovered in Frog CMS 0.9.5. | 7.2 |
| 2018-05-15 | CVE-2018-11097 | Missing Release of Resource after Effective Lifetime vulnerability in Cstring Project Cstring 20161109 An issue was discovered in cloudwu/cstring through 2016-11-09. | 7.5 |
| 2018-05-15 | CVE-2018-11095 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libming The decompileJUMP function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact. | 8.8 |