Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-03-12 CVE-2017-6286 Out-of-bounds Write vulnerability in Google Android
NVIDIA libnvomx contains a possible out of bounds write due to a missing bounds check which could lead to local escalation of privilege.
local
low complexity
google CWE-787
7.8
2018-03-12 CVE-2017-6281 Out-of-bounds Write vulnerability in Google Android
NVIDIA libnvomx contains a possible out of bounds write due to a improper input validation which could lead to local escalation of privilege.
local
low complexity
google CWE-787
7.8
2018-03-12 CVE-2018-8065 Improper Input Validation vulnerability in Flexense Syncbreeze 10.6.24
An issue was discovered in the web server in Flexense SyncBreeze Enterprise 10.6.24.
network
low complexity
flexense CWE-20
7.5
2018-03-12 CVE-2017-18227 Improper Certificate Validation vulnerability in Titanhq Webtitan Gateway
TitanHQ WebTitan Gateway has incorrect certificate validation for the TLS interception feature.
network
low complexity
titanhq CWE-295
7.5
2018-03-12 CVE-2017-18225 Incorrect Permission Assignment for Critical Resource vulnerability in Jabberd2
The Gentoo net-im/jabberd2 package through 2.6.1 installs jabberd, jabberd2-c2s, jabberd2-router, jabberd2-s2s, and jabberd2-sm in /usr/bin owned by the jabber account, which might allow local users to gain privileges by leveraging access to this account and then waiting for root to execute one of these programs.
local
low complexity
jabberd2 CWE-732
7.8
2018-03-12 CVE-2016-5314 Out-of-bounds Write vulnerability in multiple products
Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr.
network
low complexity
libtiff opensuse redhat debian CWE-787
8.8
2018-03-12 CVE-2014-8129 Out-of-bounds Write vulnerability in multiple products
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.
network
low complexity
libtiff debian redhat apple CWE-787
8.8
2018-03-11 CVE-2018-8059 Improper Certificate Validation vulnerability in Suse Portus 2.3.0
The Djelibeybi configuration examples for use of NGINX in SUSE Portus 2.3, when applied to certain configurations involving Docker Compose, have a Missing SSL Certificate Validation issue because no proxy_ssl_* directives are used.
low complexity
suse CWE-295
8.8
2018-03-11 CVE-2018-8056 Information Exposure vulnerability in Cobub Razor 0.8.0
Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via an invalid channel_name parameter to /index.php?/manage/channel/addchannel or a direct request to /export.php.
network
low complexity
cobub CWE-200
7.5
2018-03-10 CVE-2018-6312 Weak Password Requirements vulnerability in Foxconn Ap-Fc4064-T Firmware Apgtb385.8.3Lb15W47Lte
A privileged account with a weak default password on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 can be used to turn on the TELNET service via the web interface, which allows root login without any password.
network
low complexity
foxconn CWE-521
7.2