Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-02-05 | CVE-2018-5789 | XXE vulnerability in Extremewireless Wing An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. | 7.5 |
2018-02-05 | CVE-2018-5788 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Extremewireless Wing An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. | 7.5 |
2018-02-05 | CVE-2018-5787 | Out-of-bounds Write vulnerability in Extremenetworks Extremewireless Wing An issue was discovered in Extreme Networks ExtremeWireless WiNG 5.x before 5.8.6.9 and 5.9.x before 5.9.1.3. | 7.5 |
2018-02-05 | CVE-2018-6188 | Information Exposure vulnerability in multiple products django.contrib.auth.forms.AuthenticationForm in Django 2.0 before 2.0.2, and 1.11.8 and 1.11.9, allows remote attackers to obtain potentially sensitive information by leveraging data exposure from the confirm_login_allowed() method, as demonstrated by discovering whether a user account is inactive. | 7.5 |
2018-02-05 | CVE-2017-15536 | Improper Privilege Management vulnerability in Cloudera Data Science Workbench An issue was discovered in Cloudera Data Science Workbench (CDSW) 1.x before 1.2.0. | 8.8 |
2018-02-04 | CVE-2018-6611 | Out-of-bounds Read vulnerability in Openmpt soundlib/Load_stp.cpp in OpenMPT through 1.27.04.00, and libopenmpt before 0.3.6, has an out-of-bounds read via a malformed STP file. | 8.8 |
2018-02-04 | CVE-2018-6606 | Incorrect Permission Assignment for Critical Resource vulnerability in Malwarefox Antimalware 2.74.0.150 An issue was discovered in MalwareFox AntiMalware 2.74.0.150. | 7.8 |
2018-02-03 | CVE-2018-6593 | Incorrect Permission Assignment for Critical Resource vulnerability in Malwarefox Antimalware 2.74.0.150 An issue was discovered in MalwareFox AntiMalware 2.74.0.150. | 7.8 |
2018-02-03 | CVE-2018-6594 | Inadequate Encryption Strength vulnerability in multiple products lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). | 7.5 |
2018-02-03 | CVE-2017-18123 | Improper Input Validation vulnerability in multiple products The call parameter of /lib/exe/ajax.php in DokuWiki through 2017-02-19e does not properly encode user input, which leads to a reflected file download vulnerability, and allows remote attackers to run arbitrary programs. | 8.6 |