Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-03-24 | CVE-2018-8968 | Path Traversal vulnerability in Zzcms 8.2: An issue was discovered in zzcms 8.2. | 7.5 |
2018-03-24 | CVE-2018-8966 | Code Injection vulnerability in Zzcms 8.2: An issue was discovered in zzcms 8.2. | 7.5 |
2018-03-24 | CVE-2018-8965 | Path Traversal vulnerability in Zzcms 8.2: An issue was discovered in zzcms 8.2. | 7.5 |
2018-03-24 | CVE-2017-17751 | Unspecified vulnerability in Bose Soundtouch: Bose SoundTouch devices allow remote attackers to achieve remote control via a crafted web site that uses the WebSocket Protocol. | 8.8 |
2018-03-23 | CVE-2018-8960 | Out-of-bounds Read vulnerability in multiple products: The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read. | 8.8 |
2018-03-23 | CVE-2018-1000137 | Cross-Site Request Forgery (CSRF) vulnerability in I-Librarian I Librarian: I, Librarian version 4.8 and earlier contains a Cross site Request Forgery (CSRF) vulnerability in users.php that can result in the password of the admin being forced to be changed without the administrator's knowledge. | 8.8 |
2018-03-23 | CVE-2018-1000136 | Improper Input Validation vulnerability in Electronjs Electron: Electron version 1.7 up to 1.7.12; 1.8 up to 1.8.3 and 2.0.0 up to 2.0.0-beta.3 contains an improper handling of values vulnerability in Webviews that can result in remote code execution. | 8.1 |
2018-03-23 | CVE-2018-7502 | Improper Input Validation vulnerability in Beckhoff Twincat and Twincat C++: Kernel drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1 lack proper validation of user-supplied pointer values. | 7.8 |
2018-03-23 | CVE-2017-15325 | Integer Overflow or Wraparound vulnerability in Huawei products: The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has an integer overflow vulnerability due to the lack of parameter validation. | 7.8 |
2018-03-23 | CVE-2018-1211 | Path Traversal vulnerability in Dell EMC Idrac7 and EMC Idrac8: Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain a path traversal vulnerability in its Web server's URI parser which could be used to obtain specific sensitive data without authentication. | 7.5 |