Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-02-05 CVE-2018-5789 XXE vulnerability in Extremewireless Wing
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3.
network
low complexity
extremewireless CWE-611
7.5
2018-02-05 CVE-2018-5788 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Extremewireless Wing
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3.
network
low complexity
extremewireless CWE-119
7.5
2018-02-05 CVE-2018-5787 Out-of-bounds Write vulnerability in Extremenetworks Extremewireless Wing
An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3.
network
low complexity
extremenetworks CWE-787
7.5
2018-02-05 CVE-2018-6188 Information Exposure vulnerability in multiple products
django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive.
network
low complexity
djangoproject canonical CWE-200
7.5
2018-02-05 CVE-2017-15536 Improper Privilege Management vulnerability in Cloudera Data Science Workbench
An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.x before 1.2.0.
network
low complexity
cloudera CWE-269
8.8
2018-02-04 CVE-2018-6611 Out-of-bounds Read vulnerability in Openmpt
soundlib/Load_stp.cpp in OpenMPT through 1.27.04.00, and libopenmpt before 0.3.6, has an out-of-bounds read via a malformed STP file.
network
low complexity
openmpt CWE-125
8.8
2018-02-04 CVE-2018-6606 Incorrect Permission Assignment for Critical Resource vulnerability in Malwarefox Antimalware 2.74.0.150
An issue was discovered in MalwareFox AntiMalware 2.74.0.150.
local
low complexity
malwarefox CWE-732
7.8
2018-02-03 CVE-2018-6593 Incorrect Permission Assignment for Critical Resource vulnerability in Malwarefox Antimalware 2.74.0.150
An issue was discovered in MalwareFox AntiMalware 2.74.0.150.
local
low complexity
malwarefox CWE-732
7.8
2018-02-03 CVE-2018-6594 Inadequate Encryption Strength vulnerability in multiple products
lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack).
network
low complexity
dlitz debian canonical CWE-326
7.5
2018-02-03 CVE-2017-18123 Improper Input Validation vulnerability in multiple products
The call parameter of /lib/exe/ajax.php in DokuWiki through 2017-02-19e does not properly encode user input, which leads to a reflected file download vulnerability, and allows remote attackers to run arbitrary programs.
local
low complexity
dokuwiki debian CWE-20
8.6