Max CVSS 10.0 Min CVSS 1.9 Total Count624
IDCVSSSummaryLast (major) updatePublished
CVE-2019-5418 5.0
There is a File Content Disclosure vulnerability in Action View (Rails) <5.2.2.1, <5.1.6.2, <5.0.7.2, <4.2.11.1 where specially crafted accept headers can cause contents of arbitrary files on the target system's filesystem to be exposed.
27-03-2019 - 10:29 27-03-2019 - 10:29
CVE-2019-6716 7.5
An unauthenticated Insecure Direct Object Reference (IDOR) in Wicket Core in LogonBox Nervepoint Access Manager 2013 through 2017 allows a remote attacker to enumerate internal Active Directory usernames and group names, and alter back-end server job
21-03-2019 - 12:01 21-03-2019 - 12:01
CVE-2019-6225 6.8
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to elevate privileges.
05-03-2019 - 11:29 05-03-2019 - 11:29
CVE-2019-6218 9.3
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to execute arbitrary code with kernel privileges.
05-03-2019 - 11:29 05-03-2019 - 11:29
CVE-2019-6215 6.8
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, tvOS 12.1.2, Safari 12.0.3, iTunes 12.9.3 for Windows, iCloud for Windows 7.10. Processing maliciously crafted web content may lead to arbitrary co
05-03-2019 - 11:29 05-03-2019 - 11:29
CVE-2019-6214 6.8
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to break out of its sandbox.
05-03-2019 - 11:29 05-03-2019 - 11:29
CVE-2019-6213 9.3
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. An application may be able to execute arbitrary code with kernel privileges.
05-03-2019 - 11:29 05-03-2019 - 11:29
CVE-2019-6209 4.3
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be ab
05-03-2019 - 11:29 05-03-2019 - 11:29
CVE-2019-6205 6.8
A memory corruption issue was addressed with improved lock state checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between processes.
05-03-2019 - 11:29 05-03-2019 - 11:29
CVE-2019-6111 5.8
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned
31-01-2019 - 13:29 31-01-2019 - 13:29
CVE-2019-6110 4.0
In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transfe
31-01-2019 - 13:29 31-01-2019 - 13:29
CVE-2019-6706 5.0
Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For example, a crash outcome might be achieved by an attacker who is able to trigger a debug.upvaluejoin call in which the arguments have certain relationships.
23-01-2019 - 14:29 23-01-2019 - 14:29
CVE-2018-20735 7.2
** DISPUTED ** An issue was discovered in BMC PATROL Agent through 11.3.01. It was found that the PatrolCli application can allow for lateral movement and escalation of privilege inside a Windows Active Directory environment. It was found that by def
17-01-2019 - 15:29 17-01-2019 - 15:29
CVE-2019-2413 5.8
Vulnerability in the Oracle Reports Developer component of Oracle Fusion Middleware (subcomponent: Valid Session). The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network acces
16-01-2019 - 14:30 16-01-2019 - 14:30
CVE-2019-5893 7.5
Nelson Open Source ERP v6.3.1 allows SQL Injection via the db/utils/query/data.xml query parameter.
10-01-2019 - 12:29 10-01-2019 - 12:29
CVE-2018-6126 6.8
A precision error in Skia in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2018-16083 6.8
An out of bounds read in forward error correction code in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2018-16071 6.8
A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted video file.
09-01-2019 - 14:29 09-01-2019 - 14:29
CVE-2018-1160 10.0
Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage this vulnerability to achieve arbitrary code executio
20-12-2018 - 16:29 20-12-2018 - 16:29
CVE-2018-1821 6.4
IBM Operational Decision Management 8.5, 8.6, 8.7, 8.8, and 8.9 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memo
13-12-2018 - 11:29 13-12-2018 - 11:29
CVE-2018-7691 4.0
A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access
13-12-2018 - 09:29 13-12-2018 - 09:29
CVE-2018-7690 4.0
A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access
13-12-2018 - 09:29 13-12-2018 - 09:29
CVE-2018-1002105 7.5
In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server
05-12-2018 - 16:29 05-12-2018 - 16:29
CVE-2018-6092 6.8
An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
04-12-2018 - 12:29 04-12-2018 - 12:29
CVE-2018-19627 5.0
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by adjusting a buffer boundary.
28-11-2018 - 23:29 28-11-2018 - 23:29
CVE-2018-6065 6.8
Integer overflow in computing the required allocation size when instantiating a new javascript object in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
14-11-2018 - 10:29 14-11-2018 - 10:29
CVE-2018-6064 6.8
Type Confusion in the implementation of __defineGetter__ in V8 in Google Chrome prior to 65.0.3325.146 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
14-11-2018 - 10:29 14-11-2018 - 10:29
CVE-2018-14665 7.2
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate the
29-10-2018 - 08:29 25-10-2018 - 16:29
CVE-2018-3245 7.5
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated a
16-10-2018 - 21:31 16-10-2018 - 21:31
CVE-2018-15379 7.5
A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote attacker to upload an arbitrary file. This file could allow the attacker to execute command
05-10-2018 - 10:29 05-10-2018 - 10:29
CVE-2018-15961 10.0
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.
25-09-2018 - 09:29 25-09-2018 - 09:29
CVE-2018-16323 4.3
ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, tha
01-09-2018 - 14:29 01-09-2018 - 14:29
CVE-2018-15685 6.8
GitHub Electron 1.7.15, 1.8.7, 2.0.7, and 3.0.0-beta.6, in certain scenarios involving IFRAME elements and "nativeWindowOpen: true" or "sandbox: true" options, is affected by a WebPreferences vulnerability that can be leveraged to perform remote code
23-08-2018 - 01:29 23-08-2018 - 01:29
CVE-2018-11776 9.3
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time
22-08-2018 - 09:29 22-08-2018 - 09:29
CVE-2018-1513 3.5
IBM Sterling B2B Integrator Standard Edition 5.2.0 through 5.2.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to c
23-07-2018 - 09:29 23-07-2018 - 09:29
CVE-2018-1563 3.5
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functional
20-07-2018 - 12:29 20-07-2018 - 12:29
CVE-2018-12584 7.5
The ConnectionBase::preparseNewBytes function in resip/stack/ConnectionBase.cxx in reSIProcate through 1.10.2 allows remote attackers to cause a denial of service (buffer overflow) or possibly execute arbitrary code when TLS communication is enabled.
16-07-2018 - 16:29 16-07-2018 - 16:29
CVE-2016-6563 10.0
Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following
13-07-2018 - 16:29 13-07-2018 - 16:29
CVE-2018-11124 3.5
Cross-site scripting (XSS) vulnerability in Attributes functionality in Open-AudIT Community edition before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted attribute name of an Attribute.
06-07-2018 - 10:29 06-07-2018 - 10:29
CVE-2018-10956 5.0
IPConfigure Orchid Core VMS 2.0.5 allows Directory Traversal.
25-06-2018 - 11:29 25-06-2018 - 11:29
CVE-2018-5159 7.5
An integer overflow can occur in the Skia library due to 32-bit integer use in an array without integer overflow checks, resulting in possible out-of-bounds writes. This could lead to a potentially exploitable crash triggerable by web content. This v
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-7783 5.0
If a long user name is used in a username/password combination in a site URL (such as " http://UserName:Password@example.com"), the resulting modal prompt will hang in a non-responsive state or crash, causing a denial of service. This vulnerability a
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5465 6.4
An out-of-bounds read while processing SVG content in "ConvolvePixel". This results in a crash and also allows for otherwise inaccessible memory being copied into SVG graphic content, which could then displayed. This vulnerability affects Thunderbird
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5447 6.4
An out-of-bounds read during the processing of glyph widths during text layout. This results in a potentially exploitable crash and could allow an attacker to read otherwise inaccessible memory. This vulnerability affects Thunderbird < 52.1, Firefox
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2017-5404 7.5
A use-after-free error can occur when manipulating ranges in selections with one node inside a native anonymous tree and one node outside of it. This results in a potentially exploitable crash. This vulnerability affects Firefox < 52, Firefox ESR < 4
11-06-2018 - 17:29 11-06-2018 - 17:29
CVE-2018-4243 9.3
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in getvolat
08-06-2018 - 14:29 08-06-2018 - 14:29
CVE-2018-4241 9.3
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in mptcp_us
08-06-2018 - 14:29 08-06-2018 - 14:29
CVE-2018-4222 6.8
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.
08-06-2018 - 14:29 08-06-2018 - 14:29
CVE-2018-4218 6.8
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.
08-06-2018 - 14:29 08-06-2018 - 14:29
CVE-2018-4206 6.8
An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. macOS before 10.13.4 Security Update 2018-001 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Crash Reporter" compo
08-06-2018 - 14:29 08-06-2018 - 14:29
CVE-2018-4200 6.8
An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves
08-06-2018 - 14:29 08-06-2018 - 14:29
CVE-2018-4192 5.1
An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.
08-06-2018 - 14:29 08-06-2018 - 14:29
CVE-2018-11415 4.3
SAP Internet Transaction Server (ITS) 6200.X.X has Reflected Cross Site Scripting (XSS) via certain wgate URIs. NOTE: the vendor has reportedly indicated that there will not be any further releases of this product.
24-05-2018 - 15:29 24-05-2018 - 15:29
CVE-2018-4937 10.0
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
19-05-2018 - 13:29 19-05-2018 - 13:29
CVE-2018-4936 5.0
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Heap Overflow vulnerability. Successful exploitation could lead to information disclosure.
19-05-2018 - 13:29 19-05-2018 - 13:29
CVE-2018-4935 10.0
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
19-05-2018 - 13:29 19-05-2018 - 13:29
CVE-2018-4934 5.0
Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
19-05-2018 - 13:29 19-05-2018 - 13:29
CVE-2018-2791 5.8
Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). Supported versions that are affected are 11.1.1.8.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated att
18-04-2018 - 22:29 18-04-2018 - 22:29
CVE-2018-2628 7.5
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthe
18-04-2018 - 22:29 18-04-2018 - 22:29
CVE-2017-6020 4.0
Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software versions prior to version 4.1.0.3237 do not neutralize external input to ensure that users are not calling for absolute path sequences outside of their privilege leve
18-04-2018 - 21:29 17-04-2018 - 10:29
CVE-2018-8831 4.3
A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through 17.6 that allows the execution of arbitrary HTML/script code in the context of the victim user's browser via a playlist.
18-04-2018 - 13:29 18-04-2018 - 13:29
CVE-2018-5430 4.0
The Spring web flows of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and A
17-04-2018 - 14:29 17-04-2018 - 14:29
CVE-2018-4121 6.8
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. tvOS before 11.3 is affected. watchOS before 4.3 is
03-04-2018 - 02:29 03-04-2018 - 02:29
CVE-2018-4089 6.8
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. Safari before 11.0.3 is affected. tvOS before 11.2.5 is affected. The issue involves the "WebKit" component. It allows remote attacker
03-04-2018 - 02:29 03-04-2018 - 02:29
CVE-2018-4087 9.3
An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Core Bluetooth" component. It allows attackers to execute arbitrary code in a
03-04-2018 - 02:29 03-04-2018 - 02:29
CVE-2017-7005 6.8
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. Safari before 10.1.1 is affected. tvOS before 10.2.1 is affected. The issue involves the "JavaScriptCore" component. It allows remote attackers to execute arbitrary cod
03-04-2018 - 02:29 03-04-2018 - 02:29
CVE-2017-7004 5.1
An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. The issue involves the "Security" component. A race condition allows attackers to bypass intended entitlement restrictions for sending
03-04-2018 - 02:29 03-04-2018 - 02:29
CVE-2018-6849 4.3
In the WebRTC component in DuckDuckGo 4.2.0, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP address in a STUN request.
01-04-2018 - 14:29 01-04-2018 - 14:29
CVE-2018-9161 7.5
Prisma Industriale Checkweigher PrismaWEB 1.21 allows remote attackers to discover the hardcoded prisma password for the prismaweb account by reading user/scripts/login_par.js.
31-03-2018 - 18:29 31-03-2018 - 18:29
CVE-2018-7203 4.3
Cross-site scripting (XSS) vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to inject arbitrary web script or HTML via the friendlyname parameter to rpc/set_all.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2018-7171 5.0
Directory traversal vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to share the contents of arbitrary directories via a .. (dot dot) in the contentbase parameter to rpc/set_all.
30-03-2018 - 17:29 30-03-2018 - 17:29
CVE-2018-9148 5.0
Western Digital WD My Cloud v04.05.00-320 devices embed the session token (aka PHPSESSID) in filenames, which makes it easier for attackers to bypass authentication by listing a directory. NOTE: this can be exploited in conjunction with CVE-2018-7171
30-03-2018 - 15:29 30-03-2018 - 15:29
CVE-2018-8979 6.8
Open-AudIT Professional 2.1 has CSRF, as demonstrated by modifying a user account or inserting XSS sequences via the credentials URI.
25-03-2018 - 15:29 25-03-2018 - 15:29
CVE-2018-0880 6.9
The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how the virtual registry is managed, aka "Windows Desktop Bridge Elevation of Privilege
14-03-2018 - 13:29 14-03-2018 - 13:29
CVE-2017-2619 6.0
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition.
12-03-2018 - 11:29 12-03-2018 - 11:29
CVE-2018-7739 7.5
antsle antman before 0.9.1a allows remote attackers to bypass authentication via invalid characters in the username and password parameters, as demonstrated by a username=>&password=%0a string to the /login URI. This allows obtaining root permissions
06-03-2018 - 21:29 06-03-2018 - 21:29
CVE-2017-6192 4.3
Buffer overflow in APNGDis 2.8 and earlier allows a remote attackers to cause denial of service and possibly execute arbitrary code via a crafted image containing a malformed chunk size descriptor.
20-02-2018 - 11:29 20-02-2018 - 11:29
CVE-2018-7254 6.8
The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafte
19-02-2018 - 18:29 19-02-2018 - 18:29
CVE-2018-7216 6.0
Cross-site request forgery (CSRF) vulnerability in esop/toolkit/profile/regData.do in Bravo Tejari Procurement Portal allows remote authenticated users to hijack the authentication of application users for requests that modify their personal data by
18-02-2018 - 01:29 18-02-2018 - 01:29
CVE-2017-5799 6.5
A Remote Code Execution vulnerability in HPE OpenCall Media Platform (OCMP) was found. The vulnerability impacts OCMP versions prior to 3.4.2 RP201 (for OCMP 3.x), all versions prior to 4.4.7 RP702 (for OCMP 4.x).
15-02-2018 - 17:29 15-02-2018 - 17:29
CVE-2017-5798 4.3
A Remote Code Execution vulnerability in HPE OpenCall Media Platform (OCMP) was found. The vulnerability impacts OCMP versions prior to 3.4.2 RP201 (for OCMP 3.x), all versions prior to 4.4.7 RP702 (for OCMP 4.x).
15-02-2018 - 17:29 15-02-2018 - 17:29
CVE-2017-12542 10.0
A authentication bypass and execution of code vulnerability in HPE Integrated Lights-out 4 (iLO 4) version prior to 2.53 was found.
15-02-2018 - 17:29 15-02-2018 - 17:29
CVE-2016-8523 9.0