Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2018-03-22 | CVE-2018-7524 | Cross-Site Request Forgery (CSRF) vulnerability in Geutebrueck G-Cam/Efd-2250 Firmware and Topfd-2125 Firmware | A cross-site request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow an unauthorized user to be added to the system. | 8.8 |
2018-03-22 | CVE-2018-7516 | Server-Side Request Forgery (SSRF) vulnerability in Geutebrueck G-Cam/Efd-2250 Firmware and Topfd-2125 Firmware | A server-side request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which could lead to proxied network scans. | 7.3 |
2018-03-22 | CVE-2018-5509 | Improper Input Validation vulnerability in F5 products | On F5 BIG-IP versions 13.0.0 or 12.1.0 - 12.1.3.1, when a specifically configured virtual server receives traffic of an undisclosed nature, TMM will crash and take the configured failover action, potentially causing a denial of service. | 7.5 |
2018-03-22 | CVE-2018-5504 | Unspecified vulnerability in F5 products | In some circumstances, the Traffic Management Microkernel (TMM) does not properly handle certain malformed Websockets requests/responses, which allows remote attackers to cause a denial-of-service (DoS) or possible remote code execution on the F5 BIG-IP system running versions 13.0.0 - 13.1.0.3 or 12.1.0 - 12.1.3.1. | 8.1 |
2018-03-22 | CVE-2018-5503 | Improper Input Validation vulnerability in F5 Big-Ip Policy Enforcement Manager | On F5 BIG-IP versions 13.0.0 - 13.1.0.3 or 12.0.0 - 12.1.3.1, TMM may restart when processing a specifically crafted page through a virtual server with an associated PEM policy that has content insertion as an action. | 7.5 |
2018-03-22 | CVE-2018-5502 | Improper Certificate Validation vulnerability in F5 products | On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able to disrupt services on the BIG-IP system with a maliciously crafted client certificate. | 7.5 |
2018-03-22 | CVE-2018-5731 | Improper Input Validation vulnerability in Heimdalsecurity Heimdal 2.2.190 | An issue was discovered in Heimdal PRO 2.2.190. | 7.0 |
2018-03-22 | CVE-2018-5349 | Incorrect Permission Assignment for Critical Resource vulnerability in Heimdalsecurity Heimdal 2.2.190 | A vulnerability has been found in Heimdal PRO v2.2.190, but it is most likely also present in Heimdal FREE and Heimdal CORP. | 7.8 |
2018-03-22 | CVE-2017-16772 | Improper Input Validation vulnerability in Synology Photo Station | Improper input validation vulnerability in SYNOPHOTO_Flickr_MultiUpload in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote authenticated users to execute arbitrary code via the prog_id parameter. | 8.8 |
2018-03-22 | CVE-2017-0935 | Improper Privilege Management vulnerability in UI Edgeos 1.9.1/1.9.1.1 | Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of protection of the file system leading to sensitive information being exposed. | 8.8 |