Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-02-06 CVE-2018-6770 Improper Input Validation vulnerability in Jiangmin Antivirus 16.0.0.100
In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x99008210.
local
low complexity
jiangmin CWE-20
7.8
2018-02-06 CVE-2018-6769 Improper Input Validation vulnerability in Jiangmin Antivirus 16.0.0.100
In Jiangmin Antivirus 16.0.0.100, the driver file (KrnlCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x99008020.
local
low complexity
jiangmin CWE-20
7.8
2018-02-06 CVE-2018-6768 Improper Input Validation vulnerability in Jiangmin Antivirus 16.0.0.100
In Jiangmin Antivirus 16.0.0.100, the driver file (KSysCall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9A008090.
local
low complexity
jiangmin CWE-20
7.8
2018-02-06 CVE-2018-6767 Out-of-bounds Read vulnerability in multiple products
A stack-based buffer over-read in the ParseRiffHeaderConfig function of cli/riff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service attack or possibly have unspecified other impact via a maliciously crafted RF64 file.
local
low complexity
wavpack debian canonical CWE-125
7.8
2018-02-06 CVE-2018-5457 Uncontrolled Search Path Element vulnerability in Vyaire Carefusion Upgrade Utility 2.0.2.2
An uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 2.0.2.2 and prior versions.
local
high complexity
vyaire CWE-427
7.0
2018-02-06 CVE-2018-1299 Path Traversal vulnerability in Apache Allura
In Apache Allura before 1.8.0, unauthenticated attackers may retrieve arbitrary files through the Allura web application.
network
low complexity
apache CWE-22
7.5
2018-02-06 CVE-2016-3952 Credentials Management vulnerability in Web2Py
web2py before 2.14.1, when using the standalone version, allows remote attackers to obtain environment variable values via a direct request to examples/template_examples/beautify.
local
low complexity
web2py CWE-255
7.8
2018-02-06 CVE-2018-6389 Resource Exhaustion vulnerability in Wordpress
In WordPress through 4.9.2, unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times.
network
low complexity
wordpress CWE-400
7.5
2018-02-06 CVE-2017-6201 Server-Side Request Forgery (SSRF) vulnerability in Sandstorm
A Server Side Request Forgery vulnerability exists in the install app process in Sandstorm before build 0.203.
network
low complexity
sandstorm CWE-918
8.1
2018-02-06 CVE-2017-17996 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Flexense Syncbreeze
A buffer overflow vulnerability in "Add command" functionality exists in Flexense SyncBreeze Enterprise <= 10.3.14.
network
low complexity
flexense CWE-119
8.8