Security Vulnerabilities - CVEs Published In February 2018
SQL Injection exists in the Zh YandexMap 6.2.1.0 component for Joomla! via the id parameter in a task=getPlacemarkDetails request.
CVSS Score
9.8
EPSS Score
0.014
Published
2018-02-05
SQL Injection exists in the Zh BaiduMap 3.0.0.1 component for Joomla! via the id parameter in a getPlacemarkDetails, getPlacemarkHoverText, getPathHoverText, or getPathDetails request.
CVSS Score
9.8
EPSS Score
0.901
Published
2018-02-05
System Manager in Avaya Aura before 7.1.2 does not properly use SSL in conjunction with authentication, which allows remote attackers to bypass intended Remote Method Invocation (RMI) restrictions, aka SMGR-26896.
CVSS Score
7.5
EPSS Score
0.015
Published
2018-02-05
A Stack-based Buffer Overflow issue was discovered in Fuji Electric V-Server VPR 4.0.1.0 and prior. The stack-based buffer overflow vulnerability has been identified, which may allow remote code execution.
CVSS Score
9.8
EPSS Score
0.048
Published
2018-02-05
OMRON NS devices 1.1 through 1.3 allow remote attackers to bypass authentication via a direct request to the .html file for a specific screen, as demonstrated by monitor.html.
CVSS Score
9.8
EPSS Score
0.01
Published
2018-02-05
In WatchDog Anti-Malware 2.74.186.150, the driver file (ZAMGUARD32.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80002010.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-02-05
In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000035.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-02-05
In WatchDog Anti-Malware 2.74.186.150, the driver file (ZAMGUARD32.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80002054.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-02-05
In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8000010c.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-02-05
In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000118.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-02-05