CVE-2018-8861

HIGH Year: 2018
CVSS v3 Score
8.7
High
CVSS v2 Score
6.8
Medium
Weakness Type
CWE-668
View all →

Vulnerability Description

Vulnerabilities within the Philips Brilliance CT kiosk environment (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brillance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior) could enable a limited-access kiosk user or an unauthorized attacker to break-out from the containment of the kiosk environment, attain elevated privileges from the underlying Windows OS, and access unauthorized resources from the operating system.

Related Vulnerabilities

CVE-2023-26458

HIGH
CVSS:8.7(High)

An information disclosure vulnerability exists in SAP Landscape Management - version 3.0, enterprise edition. It allows an authenticated SAP Landscape Management user to obtain privileged access to ot...

CWE-6682023

CVE-2020-11303

HIGH
CVSS:8.6(High)

Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snap...

CWE-6682020

CVE-2021-39184

HIGH
CVSS:8.6(High)

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. A vulnerability in versions prior to 11.5.0, 12.1.0, and 13.3.0 allows a sandboxed renderer to r...

CWE-6682021

CVE-2016-10840

HIGH
CVSS:8.8(High)

cPanel before 11.54.0.4 allows arbitrary code execution during locale duplication (SEC-72).

CWE-6682016

CVE-2017-0367

HIGH
CVSS:8.8(High)

Mediawiki before 1.28.1 / 1.27.2 contains an unsafe use of temporary directory, where having LocalisationCache directory default to system tmp directory is insecure.

CWE-6682017

CVE-2017-15393

HIGH
CVSS:8.8(High)

Insufficient Policy Enforcement in Devtools remote debugging in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to obtain access to remote debugging functionality via a crafted HTML page...

CWE-6682017