Vulnerabilities > High

| Date | CVE | Vulnerability title | Description | Attack vector | Attack complexity | Vendor | CWE | Risk |
|---|---|---|---|---|---|---|---|---|
| 2018-01-30 | CVE-2018-5441 | Improper Input Validation vulnerability in Phoenixcontact products | An Improper Validation of Integrity Check Value issue was discovered in PHOENIX CONTACT mGuard firmware versions 7.2 to 8.6.0. | local | low | phoenixcontact | CWE-20 | 7.8 |
| 2018-01-30 | CVE-2017-1731 | Unspecified vulnerability in IBM Websphere Application Server | IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected security when using the Administrative Console. | network | low | ibm | | 8.8 |
| 2018-01-30 | CVE-2014-4705 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei products | Multiple heap-based buffer overflows in the eSap software platform in Huawei Campus S9300, S7700, S9700, S5300, S5700, S6300, and S6700 series switches; AR150, AR160, AR200, AR1200, AR2200, AR3200, AR530, NetEngine16EX, SRG1300, SRG2300, and SRG3300 series routers; and WLAN AC6005, AC6605, and ACU2 access controllers allow remote attackers to cause a denial of service (device restart) via a crafted length field in a packet. | network | low | huawei | CWE-119 | 7.5 |
| 2018-01-30 | CVE-2017-17969 | Out-of-bounds Write vulnerability in multiple products | Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a denial of service (out-of-bounds write) or potentially execute arbitrary code via a crafted ZIP archive. | local | low | 7-zip, debian | CWE-787 | 7.8 |
| 2018-01-30 | CVE-2018-6397 | Path Traversal vulnerability in Joomlacalendars Picture Calendar 3.1.4 | Directory Traversal exists in the Picture Calendar 3.1.4 component for Joomla! via the list.php folder parameter. | network | low | joomlacalendars | CWE-22 | 7.5 |
| 2018-01-29 | CVE-2018-6393 | SQL Injection vulnerability in Sangoma Freepbx 10.13.66/14.0.1.24 | FreePBX 10.13.66-32bit and 14.0.1.24 (SNG7-PBX-64bit-1712-2) allow post-authentication SQL injection via the order parameter. | network | low | sangoma | CWE-89 | 7.2 |
| 2018-01-29 | CVE-2018-3835 | Out-of-bounds Write vulnerability in Disneyanimation Ptex 2.2 | An exploitable out of bounds write vulnerability exists in version 2.2 of the Per Face Texture mapping application known as PTEX. | network | low | disneyanimation | CWE-787 | 8.8 |
| 2018-01-29 | CVE-2018-6391 | Cross-Site Request Forgery (CSRF) vulnerability in Netis-Systems Wf2419 Firmware 2.2.36123 | A cross-site request forgery web vulnerability has been discovered on Netis WF2419 V2.2.36123 devices. | network | low | netis-systems | CWE-352 | 8.8 |
| 2018-01-29 | CVE-2017-15133 | Resource Exhaustion vulnerability in Miekg-Dns Prject Miekg-Dns | A denial of service flaw was found in miekg-dns before 1.0.4. | network | low | miekg-dns-prject | CWE-400 | 7.5 |
| 2018-01-29 | CVE-2018-6388 | OS Command Injection vulnerability in Iball Ib-Wra150N Firmware 1.2.6 | iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices allow remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping test arguments on the Diagnostics page. | network | low | iball | CWE-78 | 8.8 |