Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-24 | CVE-2018-7902 | Unspecified vulnerability in Huawei 1288H V5 Firmware and 2288H V5 Firmware Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. | 8.8 |
| 2018-05-24 | CVE-2018-5485 | Unspecified vulnerability in Netapp Oncommand Unified Manager 7.2/7.3 NetApp OnCommand Unified Manager for Windows versions 7.2 through 7.3 are susceptible to a vulnerability which could lead to a privilege escalation attack. | 7.8 |
| 2018-05-24 | CVE-2018-1000039 | Use After Free vulnerability in Artifex Mupdf In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file. | 7.8 |
| 2018-05-24 | CVE-2018-1000038 | Out-of-bounds Write vulnerability in Artifex Mupdf In Artifex MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file. | 7.8 |
| 2018-05-24 | CVE-2018-11411 | Improper Input Validation vulnerability in Dimoncoin The transferFrom function of a smart contract implementation for DimonCoin (FUD), an Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer all victims' balances into their account) because certain computations involving _value are incorrect. | 7.5 |
| 2018-05-24 | CVE-2018-11405 | Cross-Site Request Forgery (CSRF) vulnerability in Kliqqi CMS 2.0.2 Kliqqi 2.0.2 has CSRF in admin/admin_users.php. | 8.8 |
| 2018-05-23 | CVE-2018-10654 | Deserialization of Untrusted Data vulnerability in Citrix Xenmobile Server 10.7/10.8 There is a Hazelcast Library Java Deserialization Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | 8.1 |
| 2018-05-23 | CVE-2018-10652 | Information Exposure vulnerability in Citrix Xenmobile Server 10.7 There is a Sensitive Data Leakage issue in Citrix XenMobile Server 10.7 before RP3. | 7.5 |
| 2018-05-23 | CVE-2018-10650 | Untrusted Search Path vulnerability in Citrix Xenmobile Server 10.7/10.8 There is an Insufficient Path Validation Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | 7.8 |
| 2018-05-23 | CVE-2018-11231 | SQL Injection vulnerability in Divido In the Divido plugin for OpenCart, there is SQL injection. | 8.1 |