Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-05-17 CVE-2018-10473 Out-of-bounds Write vulnerability in Foxitsoftware Phantompdf
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935.
network
low complexity
foxitsoftware CWE-787
8.8
2018-05-17 CVE-2018-7160 Authentication Bypass by Spoofing vulnerability in Nodejs Node.Js
The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution.
network
low complexity
nodejs CWE-290
8.8
2018-05-17 CVE-2018-7158 Unspecified vulnerability in Nodejs Node.Js
The `'path'` module in the Node.js 4.x release line contains a potential regular expression denial of service (ReDoS) vector.
network
low complexity
nodejs
7.5
2018-05-17 CVE-2018-11230 Use After Free vulnerability in Jbig2Enc Project Jbig2Enc 0.29
jbig2_add_page in jbig2enc.cc in libjbig2enc.a in jbig2enc 0.29 allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted file.
network
low complexity
jbig2enc-project CWE-416
8.8
2018-05-17 CVE-2018-10027 Untrusted Search Path vulnerability in Estsoft Alzip
ESTsoft ALZip before 10.76 allows local users to execute arbitrary code via creating a malicious .DLL file and installing it in a specific directory: %PROGRAMFILES%\ESTsoft\ALZip\Formats, %PROGRAMFILES%\ESTsoft\ALZip\Coders, %PROGRAMFILES(X86)%\ESTsoft\ALZip\Formats, or %PROGRAMFILES(X86)%\ESTsoft\ALZip\Coders.
local
low complexity
estsoft CWE-426
7.8
2018-05-17 CVE-2018-11226 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libming
The getString function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact.
network
low complexity
libming CWE-119
8.8
2018-05-17 CVE-2018-11225 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libming
The dcputs function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact.
network
low complexity
libming CWE-119
8.8
2018-05-17 CVE-2018-0325 Improper Input Validation vulnerability in Cisco IP Phone 7800 Firmware and IP Phone 8800 Firmware
A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 7800 Series phones and Cisco IP Phone 8800 Series phones could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected phone.
network
low complexity
cisco CWE-20
7.5
2018-05-17 CVE-2018-0280 Improper Input Validation vulnerability in Cisco Meeting Server
A vulnerability in the Real-Time Transport Protocol (RTP) bitstream processing of the Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.
network
low complexity
cisco CWE-20
7.5
2018-05-17 CVE-2018-0279 OS Command Injection vulnerability in Cisco Enterprise NFV Infrastructure Software
A vulnerability in the Secure Copy Protocol (SCP) server of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to access the shell of the underlying Linux operating system on the affected device.
network
low complexity
cisco CWE-78
8.8