Security Vulnerabilities - CVEs Published In October 2018
makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact.
CVSS Score
8.8
EPSS Score
0.006
Published
2018-10-17
In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-10-17
A vulnerability in the Web UI component of Avaya Aura System Platform could allow a remote, unauthenticated user to perform a targeted deserialization attack that could result in remote code execution. Affected versions of System Platform includes 6.3.0 through 6.3.9 and 6.4.0 through 6.4.2.
CVSS Score
9.0
EPSS Score
0.044
Published
2018-10-17
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVSS Score
6.1
EPSS Score
0.011
Published
2018-10-17
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVSS Score
6.1
EPSS Score
0.011
Published
2018-10-17
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVSS Score
6.1
EPSS Score
0.011
Published
2018-10-17
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVSS Score
6.1
EPSS Score
0.01
Published
2018-10-17
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVSS Score
6.1
EPSS Score
0.01
Published
2018-10-17
Adobe Framemaker versions 1.0.5.1 and below have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.
CVSS Score
7.8
EPSS Score
0.019
Published
2018-10-17
Adobe Technical Communications Suite versions 1.0.5.1 and below have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.
CVSS Score
7.8
EPSS Score
0.028
Published
2018-10-17