Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-03-20 CVE-2018-8883 Out-of-bounds Read vulnerability in Nasm Netwide Assembler 2.13.02
Netwide Assembler (NASM) 2.13.02rc2 has a buffer over-read in the parse_line function in asm/parser.c via uncontrolled access to nasm_reg_flags.
local
low complexity
nasm CWE-125
7.8
2018-03-20 CVE-2018-8882 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nasm Netwide Assembler 2.13.02
Netwide Assembler (NASM) 2.13.02rc2 has a stack-based buffer under-read in the function ieee_shr in asm/float.c via a large shift value.
local
low complexity
nasm CWE-119
7.8
2018-03-20 CVE-2018-8881 Out-of-bounds Read vulnerability in multiple products
Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string.
local
low complexity
nasm canonical CWE-125
7.3
2018-03-20 CVE-2018-8876 Improper Input Validation vulnerability in 2345 Security Guard Project 2345 Security Guard 3.6
In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222098.
local
low complexity
2345-security-guard-project CWE-20
7.8
2018-03-20 CVE-2018-8875 Improper Input Validation vulnerability in 2345 Security Guard Project 2345 Security Guard 3.6
In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x0022209c.
local
low complexity
2345-security-guard-project CWE-20
7.8
2018-03-20 CVE-2018-8874 Improper Input Validation vulnerability in 2345 Security Guard Project 2345 Security Guard 3.6
In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222054.
local
low complexity
2345-security-guard-project CWE-20
7.8
2018-03-20 CVE-2018-8873 Improper Input Validation vulnerability in 2345 Security Guard Project 2345 Security Guard 3.6
In 2345 Security Guard 3.6, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222040.
local
low complexity
2345-security-guard-project CWE-20
7.8
2018-03-20 CVE-2014-4928 SQL Injection vulnerability in Invisioncommunity Invision Power Board
SQL injection vulnerability in Invision Power Board (aka IPB or IP.Board) before 3.4.6 allows remote attackers to execute arbitrary SQL commands via the cId parameter.
network
low complexity
invisioncommunity CWE-89
8.8
2018-03-20 CVE-2014-1457 Cross-Site Request Forgery (CSRF) vulnerability in Openwebanalytics Open web Analytics
Open Web Analytics (OWA) before 1.5.6 improperly generates random nonce values, which makes it easier for remote attackers to bypass a CSRF protection mechanism by leveraging knowledge of an OWA user name.
network
low complexity
openwebanalytics CWE-352
8.8
2018-03-20 CVE-2014-1215 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Coreftp Core FTP 1.2
Multiple buffer overflows in Core FTP Server before 1.2 build 508 allow local users to gain privileges via vectors related to reading data from config.dat and Windows Registry.
local
low complexity
coreftp CWE-119
7.8