Security Vulnerabilities - CVEs Published In October 2018
makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact.
CVSS Score
8.8
EPSS Score
0.026
Published
2018-10-17
In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.
CVSS Score
7.8
EPSS Score
0.005
Published
2018-10-17
A vulnerability in the Web UI component of Avaya Aura System Platform could allow a remote, unauthenticated user to perform a targeted deserialization attack that could result in remote code execution. Affected versions of System Platform includes 6.3.0 through 6.3.9 and 6.4.0 through 6.4.2.
CVSS Score
9.0
EPSS Score
0.033
Published
2018-10-17
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVSS Score
6.1
EPSS Score
0.019
Published
2018-10-17
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVSS Score
6.1
EPSS Score
0.019
Published
2018-10-17
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVSS Score
6.1
EPSS Score
0.019
Published
2018-10-17
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVSS Score
6.1
EPSS Score
0.024
Published
2018-10-17
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
CVSS Score
6.1
EPSS Score
0.024
Published
2018-10-17
Adobe Framemaker versions 1.0.5.1 and below have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.
CVSS Score
7.8
EPSS Score
0.046
Published
2018-10-17
Adobe Technical Communications Suite versions 1.0.5.1 and below have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.
CVSS Score
7.8
EPSS Score
0.054
Published
2018-10-17