Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-06 | CVE-2014-5282 | Improper Input Validation vulnerability in Docker Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'. | 8.1 |
| 2018-02-06 | CVE-2014-5280 | Cross-Site Request Forgery (CSRF) vulnerability in Boot2Docker boot2docker 1.2 and earlier allows attackers to conduct cross-site request forgery (CSRF) attacks by leveraging Docker daemons enabling TCP connections without TLS authentication. | 8.8 |
| 2018-02-06 | CVE-2014-5279 | Improper Access Control vulnerability in Boot2Docker The Docker daemon managed by boot2docker 1.2 and earlier improperly enables unauthenticated TCP connections by default, which makes it easier for remote attackers to gain privileges or execute arbitrary code from children containers. | 8.8 |
| 2018-02-06 | CVE-2018-6290 | Unspecified vulnerability in Kaspersky Secure Mail Gateway 1.1 Local Privilege Escalation in Kaspersky Secure Mail Gateway version 1.1. | 7.8 |
| 2018-02-06 | CVE-2018-6288 | Cross-Site Request Forgery (CSRF) vulnerability in Kaspersky Secure Mail Gateway 1.1 Cross-site Request Forgery leading to Administrative account takeover in Kaspersky Secure Mail Gateway version 1.1. | 8.8 |
| 2018-02-06 | CVE-2018-6467 | Cross-Site Request Forgery (CSRF) vulnerability in Flickrrss Project Flickrrss 5.3.1 The flickrRSS plugin 5.3.1 for WordPress has CSRF via wp-admin/options-general.php. | 8.8 |
| 2018-02-06 | CVE-2017-6279 | Out-of-bounds Write vulnerability in Google Android NVIDIA libnvmmlite_audio.so contains an elevation of privilege vulnerability when running in media server which may cause an out of bounds write and could lead to local code execution in a privileged process. | 7.8 |
| 2018-02-06 | CVE-2017-6258 | Out-of-bounds Write vulnerability in Google Android NVIDIA libnvmmlite_audio.so contains an elevation of privilege vulnerability when running in media server which may cause an out of bounds write and could lead to local code execution in a privileged process. | 7.8 |
| 2018-02-06 | CVE-2018-6654 | Origin Validation Error vulnerability in Grammarly 20180202 The Grammarly extension before 2018-02-02 for Chrome allows remote attackers to discover authentication tokens via an 'action: "user"' request to iframe.gr_-ifr, because the exposure of these tokens is not restricted to any specific web site. | 8.8 |
| 2018-02-06 | CVE-2018-6569 | Improper Authentication vulnerability in West-Wind web Connection West Wind Web Server 6.x does not require authentication for /ADMIN.ASP. | 8.8 |