Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-21 | CVE-2017-0918 | Path Traversal vulnerability in multiple products Gitlab Community Edition version 10.3 is vulnerable to a path traversal issue in the GitLab CI runner component resulting in remote code execution. | 8.8 |
| 2018-03-21 | CVE-2017-0914 | SQL Injection vulnerability in Gitlab Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2.4 are vulnerable to a SQL injection in the MilestoneFinder component resulting in disclosure of all data in a GitLab instance's database. | 7.5 |
| 2018-03-21 | CVE-2018-8074 | Code Injection vulnerability in Yiiframework YII Yii 2.x before 2.0.15 allows remote attackers to inject unintended search conditions via a variant of the CVE-2018-7269 attack in conjunction with the Elasticsearch extension. | 8.1 |
| 2018-03-21 | CVE-2018-1346 | Unspecified vulnerability in Netiq Edirectory Addresses denial of service attack to eDirectory versions prior to 9.1. | 7.5 |
| 2018-03-21 | CVE-2018-1345 | Unspecified vulnerability in Netiq Imanager 2.7.7 NetIQ iManager, versions prior to 3.1, under some circumstances could be susceptible to an elevation of privilege attack. | 8.8 |
| 2018-03-21 | CVE-2018-1344 | Unspecified vulnerability in Netiq Imanager 2.7.7 Addresses potential communication downgrade attack in NetIQ iManager versions prior to 3.1 | 8.6 |
| 2018-03-20 | CVE-2018-8883 | Out-of-bounds Read vulnerability in Nasm Netwide Assembler 2.13.02 Netwide Assembler (NASM) 2.13.02rc2 has a buffer over-read in the parse_line function in asm/parser.c via uncontrolled access to nasm_reg_flags. | 7.8 |
| 2018-03-20 | CVE-2018-8882 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nasm Netwide Assembler 2.13.02 Netwide Assembler (NASM) 2.13.02rc2 has a stack-based buffer under-read in the function ieee_shr in asm/float.c via a large shift value. | 7.8 |
| 2018-03-20 | CVE-2018-8881 | Out-of-bounds Read vulnerability in multiple products Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string. | 7.3 |
| 2018-03-20 | CVE-2018-8876 | Improper Input Validation vulnerability in 2345 Security Guard Project 2345 Security Guard 3.6 In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222098. | 7.8 |