Vulnerabilities (CVE)

CWE filter

CWE-441

Filter

5 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-12182 1 Tianocore 1 Edk Ii 2019-04-11 4.6
Insufficient memory write check in SMM service for EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via local access.
CVE-2019-3924 1 Mikrotik 1 Routeros 2019-03-08 5.0
MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is vulnerable to an intermediary vulnerability. The software will execute user defined network requests to both WAN and LAN clients. A remote unauthenticated attacker can use this...
CVE-2018-16598 1 Amazon 2 Amazon Web Services Freertos, Freertos 2019-01-04 4.3
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. In xProcessReceivedUDPPacket and prvParseDNSReply, any received DNS...
CVE-2018-1999038 1 Jenkins 1 Publish Over Cifs 2018-10-15 4.9
A confused deputy vulnerability exists in Jenkins Publisher Over CIFS Plugin 0.10 and earlier in CifsPublisherPluginDescriptor.java that allows attackers to have Jenkins connect to an attacker specified CIFS server with attacker specified credentials.
CVE-2015-2947 1 Grabacr.net 1 Kancolleviewer 2017-04-25 6.4
KanColleViewer versions 3.8.1 and earlier operates as an open proxy which allows remote attackers to trigger outbound network traffic.