Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-03-26 CVE-2018-7658 Improper Input Validation vulnerability in Softros Network Time System 2.3.4
NTSServerSvc.exe in the server in Softros Network Time System 2.3.4 allows remote attackers to cause a denial of service (daemon crash) by sending exactly 11 bytes.
network
low complexity
softros CWE-20
7.5
2018-03-26 CVE-2017-12410 Race Condition vulnerability in Kaseya Virtual System Administrator
It is possible to exploit a Time of Check & Time of Use (TOCTOU) vulnerability by winning a race condition when Kaseya Virtual System Administrator agent 9.3.0.11 and earlier tries to execute its binaries from working and/or temporary folders.
local
high complexity
kaseya CWE-362
7.4
2018-03-26 CVE-2017-18249 Race Condition vulnerability in multiple products
The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.
local
high complexity
linux debian CWE-362
7.0
2018-03-26 CVE-2018-7673 Unspecified vulnerability in NetIQ Identity Manager 4.5
The NetIQ Identity Manager communication channel, in versions prior to 4.7, is susceptible to a DoS attack.
network
low complexity
netiq
7.5
2018-03-26 CVE-2018-1348 Unspecified vulnerability in NetIQ Identity Manager 4.5
NetIQ Identity Manager driver, in versions prior to 4.7, allows for an SSL handshake renegotiation which could result in a MITM attack.
network
high complexity
netiq
7.4
2018-03-26 CVE-2018-1213 Cross-Site Request Forgery (CSRF) vulnerability in Dell EMC Isilon OneFS
Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and versions 7.1.1.11 and 8.1.0.2 are affected by a cross-site request forgery vulnerability.
network
low complexity
dell CWE-352
8.8
2018-03-26 CVE-2015-7434 Information Exposure vulnerability in IBM Capacity Management Analytics 2.1.0.0
IBM Capacity Management Analytics 2.1.0.0 allows local users to discover encrypted usernames and passwords by leveraging access to the CMA install machine.
local
low complexity
ibm CWE-200
7.8
2018-03-26 CVE-2015-7433 Information Exposure vulnerability in IBM Capacity Management Analytics 2.1.0.0
IBM Capacity Management Analytics 2.1.0.0 allows local users to discover cleartext usernames and passwords by leveraging access to the CMA install machine.
local
low complexity
ibm CWE-200
7.8
2018-03-26 CVE-2015-7432 Information Exposure vulnerability in IBM Capacity Management Analytics 2.1.0.0
IBM Capacity Management Analytics 2.1.0.0 allows local users to decrypt usernames and passwords by leveraging access to setenv.sh and parameter.txt.
local
low complexity
ibm CWE-200
7.8
2018-03-26 CVE-2015-5039 Cryptographic Issues vulnerability in IBM Rational ClearCase
The Remote Client and change management integrations in IBM Rational ClearCase 7.1.x, 8.0.0.x before 8.0.0.18, and 8.0.1.x before 8.0.1.11 do not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to spoof servers and obtain sensitive information or modify network traffic via a crafted certificate.
network
high complexity
ibm CWE-310
7.4