| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-7696 | Hig | 0.52 | 7.5 | 0.36 | Apr 14, 2017 | SAP AS JAVA SSO Authentication Library 2.0 through 3.0 allow remote attackers to cause a denial of service (memory consumption) via large values in the width and height parameters to otp_logon_ui_resources/qr, aka SAP Security Note 2389042. | ||
| CVE-2017-7690 | Hig | 0.54 | 7.8 | 0.01 | Apr 14, 2017 | Proxifier for Mac before 2.19.2, when first run, allows local users to gain privileges by replacing the KLoader binary with a Trojan horse program. | ||
| CVE-2017-6554 | Hig | 0.51 | 7.2 | 0.16 | Apr 14, 2017 | pmmasterd in Quest Privilege Manager before 6.0.0.061, when configured as a policy server, allows remote attackers to write to arbitrary files and consequently execute arbitrary code with root privileges via an ACT_NEWFILESENT action. | ||
| CVE-2016-8602 | Hig | 0.51 | 7.8 | 0.03 | Apr 14, 2017 | The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack. | ||
| CVE-2016-7051 | Hig | 0.56 | 8.6 | 0.02 | Apr 14, 2017 | XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors related to a DTD. | ||
| CVE-2016-7032 | Hig | 0.46 | 7.0 | 0.00 | Apr 14, 2017 | sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function. | ||
| CVE-2016-6489 | Hig | 0.49 | 7.5 | 0.05 | Apr 14, 2017 | The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack. | ||
| CVE-2016-6299 | Hig | 0.51 | 7.8 | 0.02 | Apr 14, 2017 | The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file. | ||
| CVE-2016-4889 | Hig | 0.57 | 8.8 | 0.03 | Apr 14, 2017 | ZOHO ManageEngine ServiceDesk Plus before 9.0 allows remote authenticated guest users to have unspecified impact by leveraging failure to restrict access to unknown functions. | ||
| CVE-2016-3104 | Hig | 0.49 | 7.5 | 0.02 | Apr 14, 2017 | mongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow remote attackers to cause a denial of service (memory consumption and process termination) by leveraging in-memory database representation when authenticating against a non-existent database. | ||
| CVE-2016-1713 | Hig | 0.52 | 7.3 | 0.17 | Apr 14, 2017 | Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.4.0 allows remote authenticated users to execute arbitrary code by uploading a crafted image file with an… | ||
| CVE-2016-0727 | Hig | 0.54 | 7.8 | 0.01 | Apr 14, 2017 | The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users with access to the ntp account… | ||
| CVE-2017-1205 | Hig | 0.57 | 8.8 | 0.00 | Apr 14, 2017 | IBM Platform LSF 10.1 contains an unspecified vulnerability that could allow a local user to escalate their privileges and obtain root access. IBM X-Force ID: 123741. | ||
| CVE-2015-6568 | Hig | 0.54 | 8.8 | 0.11 | Apr 14, 2017 | Wolf CMS before 0.8.3.1 allows unrestricted file rename and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the filemanager) does not prevent a change of a file extension to ".php" after originally using the parameter "filename" for uploading a JPEG image.… | ||
| CVE-2015-6567 | Hig | 0.54 | 8.8 | 0.11 | Apr 14, 2017 | Wolf CMS before 0.8.3.1 allows unrestricted file upload and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the filemanager) does not validate the parameter "filename" properly. Exploitation requires a registered user who has access to upload functionality. | ||
| CVE-2017-7643 | Hig | 0.54 | 7.8 | 0.01 | Apr 14, 2017 | Proxifier for Mac before 2.19 allows local users to gain privileges via the first parameter to the KLoader setuid program. | ||
| CVE-2017-7456 | Hig | 0.54 | 7.5 | 0.29 | Apr 14, 2017 | Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials. | ||
| CVE-2017-7455 | Hig | 0.53 | 7.5 | 0.16 | Apr 14, 2017 | Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control. | ||
| CVE-2017-7408 | Hig | 0.49 | 7.5 | 0.02 | Apr 14, 2017 | Palo Alto Networks Traps ESM Console before 3.4.4 allows attackers to cause a denial of service by leveraging improper validation of requests to revoke a Traps agent license. | ||
| CVE-2017-7218 | Hig | 0.51 | 7.8 | 0.01 | Apr 14, 2017 | The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to gain privileges via unspecified request parameters. | ||
| CVE-2015-8356 | Hig | 0.55 | 8.0 | 0.03 | Apr 14, 2017 | Multiple SQL injection vulnerabilities in the mcart.xls module 6.5.2 and earlier for Bitrix allow remote authenticated users to execute arbitrary SQL commands via the (1) xls_profile parameter to admin/mcart_xls_import.php or the (2) xls_iblock_id, (3) xls_iblock_section_id, (4)… | ||
| CVE-2017-7869 | Hig | 0.49 | 7.5 | 0.03 | Apr 14, 2017 | GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10. | ||
| CVE-2017-7868 | Hig | 0.49 | 7.5 | 0.04 | Apr 14, 2017 | International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function. | ||
| CVE-2017-7867 | Hig | 0.49 | 7.5 | 0.05 | Apr 14, 2017 | International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function. | ||
| CVE-2016-8727 | Hig | 0.49 | 7.5 | 0.01 | Apr 13, 2017 | An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. Retrieving a series of URLs without authentication can reveal sensitive configuration and system information to an attacker. | ||
| CVE-2016-8726 | Hig | 0.49 | 7.5 | 0.01 | Apr 13, 2017 | An exploitable null pointer dereference vulnerability exists in the Web Application /forms/web_runScript iw_filename functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. An HTTP POST request with a blank line in the header will cause a segmentation fault… | ||
| CVE-2016-8723 | Hig | 0.49 | 7.5 | 0.01 | Apr 13, 2017 | An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Any HTTP GET request not preceded by an '/' will cause a segmentation fault in the web server. An attacker can send any of a… | ||
| CVE-2016-8712 | Hig | 0.53 | 8.1 | 0.01 | Apr 13, 2017 | An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300… | ||
| CVE-2016-7834 | Hig | 0.58 | 8.8 | 0.04 | Apr 13, 2017 | SONY SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520, SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551, SNC-EP550, SNC-EP580, SNC-ER550, SNC-ER550C, SNC-ER580, SNC-ER585, SNC-ER585H,… | ||
| CVE-2015-8619 | Hig | 0.49 | 7.5 | 0.04 | Apr 13, 2017 | The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash). | ||
| CVE-2015-8567 | Hig | 0.50 | 7.7 | 0.06 | Apr 13, 2017 | Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption). | ||
| CVE-2015-4646 | Hig | 0.42 | 7.5 | 0.07 | Apr 13, 2017 | (1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) unsquash-4.c in Squashfs and sasquatch allow remote attackers to cause a denial of service (application crash) via a crafted input. | ||
| CVE-2013-6648 | Hig | 0.49 | 7.5 | 0.01 | Apr 13, 2017 | SkRegion::setPath in Skia allows remote attackers to cause a denial of service (crash). | ||
| CVE-2017-7853 | Hig | 0.49 | 7.5 | 0.02 | Apr 13, 2017 | In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a remote DoS. | ||
| CVE-2016-10326 | Hig | 0.49 | 7.5 | 0.01 | Apr 13, 2017 | In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_body_to_str() function defined in osipparser2/osip_body.c, resulting in a remote DoS. | ||
| CVE-2016-10325 | Hig | 0.49 | 7.5 | 0.01 | Apr 13, 2017 | In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS. | ||
| CVE-2010-1821 | Hig | 0.51 | 7.8 | 0.00 | Apr 13, 2017 | Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges. | ||
| CVE-2010-1816 | Hig | 0.51 | 7.8 | 0.02 | Apr 13, 2017 | Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a crafted image. | ||
| CVE-2017-7219 | Hig | 0.58 | 8.8 | 0.05 | Apr 13, 2017 | A heap overflow vulnerability in Citrix NetScaler Gateway versions 10.1 before 135.8/135.12, 10.5 before 65.11, 11.0 before 70.12, and 11.1 before 52.13 allows a remote authenticated attacker to run arbitrary commands via unspecified vectors. | ||
| CVE-2016-4970 | Hig | 0.50 | 7.5 | 0.11 | Apr 13, 2017 | handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop). | ||
| CVE-2016-1914 | Hig | 0.61 | 8.8 | 0.04 | Apr 13, 2017 | Multiple SQL injection vulnerabilities in the com.rim.mdm.ui.server.ImageServlet servlet in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to execute arbitrary SQL commands via the imageName parameter to (1) mydevice/client/image, (2)… | ||
| CVE-2016-1132 | Hig | 0.49 | 7.5 | 0.01 | Apr 13, 2017 | Shoplat App for iOS 1.10.00 through 1.18.00 does not properly verify SSL certificates. | ||
| CVE-2016-10123 | Hig | 0.51 | 7.8 | 0.00 | Apr 13, 2017 | Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges. | ||
| CVE-2016-10122 | Hig | 0.51 | 7.8 | 0.00 | Apr 13, 2017 | Firejail does not properly clean environment variables, which allows local users to gain privileges. | ||
| CVE-2016-10121 | Hig | 0.51 | 7.8 | 0.00 | Apr 13, 2017 | Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges. | ||
| CVE-2016-10120 | Hig | 0.51 | 7.8 | 0.00 | Apr 13, 2017 | Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privileges. | ||
| CVE-2016-10119 | Hig | 0.51 | 7.8 | 0.00 | Apr 13, 2017 | Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges. | ||
| CVE-2016-10117 | Hig | 0.51 | 7.8 | 0.00 | Apr 13, 2017 | Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc. | ||
| CVE-2015-8284 | Hig | 0.61 | 8.8 | 0.04 | Apr 13, 2017 | SeaWell Networks Spectrum SDC 02.05.00 allows remote viewer users to perform administrative functions. | ||
| CVE-2015-8270 | Hig | 0.49 | 7.5 | 0.03 | Apr 13, 2017 | The AMF3ReadString function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to cause a denial of service (invalid pointer dereference and process crash). |
- risk 0.52cvss 7.5epss 0.36
SAP AS JAVA SSO Authentication Library 2.0 through 3.0 allow remote attackers to cause a denial of service (memory consumption) via large values in the width and height parameters to otp_logon_ui_resources/qr, aka SAP Security Note 2389042.
- risk 0.54cvss 7.8epss 0.01
Proxifier for Mac before 2.19.2, when first run, allows local users to gain privileges by replacing the KLoader binary with a Trojan horse program.
- risk 0.51cvss 7.2epss 0.16
pmmasterd in Quest Privilege Manager before 6.0.0.061, when configured as a policy server, allows remote attackers to write to arbitrary files and consequently execute arbitrary code with root privileges via an ACT_NEWFILESENT action.
- risk 0.51cvss 7.8epss 0.03
The .sethalftone5 function in psi/zht2.c in Ghostscript before 9.21 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted Postscript document that calls .sethalftone5 with an empty operand stack.
- risk 0.56cvss 8.6epss 0.02
XmlMapper in the Jackson XML dataformat component (aka jackson-dataformat-xml) before 2.7.8 and 2.8.x before 2.8.4 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors related to a DTD.
- risk 0.46cvss 7.0epss 0.00
sudo_noexec.so in Sudo before 1.8.15 on Linux might allow local users to bypass intended noexec command restrictions via an application that calls the (1) system or (2) popen function.
- risk 0.49cvss 7.5epss 0.05
The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.
- risk 0.51cvss 7.8epss 0.02
The scm plug-in in mock might allow attackers to bypass the intended chroot protection mechanism and gain root privileges via a crafted spec file.
- risk 0.57cvss 8.8epss 0.03
ZOHO ManageEngine ServiceDesk Plus before 9.0 allows remote authenticated guest users to have unspecified impact by leveraging failure to restrict access to unknown functions.
- risk 0.49cvss 7.5epss 0.02
mongod in MongoDB 2.6, when using 2.4-style users, and 2.4 allow remote attackers to cause a denial of service (memory consumption and process termination) by leveraging in-memory database representation when authenticating against a non-existent database.
- risk 0.52cvss 7.3epss 0.17
Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.4.0 allows remote authenticated users to execute arbitrary code by uploading a crafted image file with an…
- risk 0.54cvss 7.8epss 0.01
The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users with access to the ntp account…
- risk 0.57cvss 8.8epss 0.00
IBM Platform LSF 10.1 contains an unspecified vulnerability that could allow a local user to escalate their privileges and obtain root access. IBM X-Force ID: 123741.
- risk 0.54cvss 8.8epss 0.11
Wolf CMS before 0.8.3.1 allows unrestricted file rename and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the filemanager) does not prevent a change of a file extension to ".php" after originally using the parameter "filename" for uploading a JPEG image.…
- risk 0.54cvss 8.8epss 0.11
Wolf CMS before 0.8.3.1 allows unrestricted file upload and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the filemanager) does not validate the parameter "filename" properly. Exploitation requires a registered user who has access to upload functionality.
- risk 0.54cvss 7.8epss 0.01
Proxifier for Mac before 2.19 allows local users to gain privileges via the first parameter to the KLoader setuid program.
- risk 0.54cvss 7.5epss 0.29
Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials.
- risk 0.53cvss 7.5epss 0.16
Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control.
- risk 0.49cvss 7.5epss 0.02
Palo Alto Networks Traps ESM Console before 3.4.4 allows attackers to cause a denial of service by leveraging improper validation of requests to revoke a Traps agent license.
- risk 0.51cvss 7.8epss 0.01
The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to gain privileges via unspecified request parameters.
- risk 0.55cvss 8.0epss 0.03
Multiple SQL injection vulnerabilities in the mcart.xls module 6.5.2 and earlier for Bitrix allow remote authenticated users to execute arbitrary SQL commands via the (1) xls_profile parameter to admin/mcart_xls_import.php or the (2) xls_iblock_id, (3) xls_iblock_section_id, (4)…
- risk 0.49cvss 7.5epss 0.03
GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10.
- risk 0.49cvss 7.5epss 0.04
International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function.
- risk 0.49cvss 7.5epss 0.05
International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function.
- risk 0.49cvss 7.5epss 0.01
An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. Retrieving a series of URLs without authentication can reveal sensitive configuration and system information to an attacker.
- risk 0.49cvss 7.5epss 0.01
An exploitable null pointer dereference vulnerability exists in the Web Application /forms/web_runScript iw_filename functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. An HTTP POST request with a blank line in the header will cause a segmentation fault…
- risk 0.49cvss 7.5epss 0.01
An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. Any HTTP GET request not preceded by an '/' will cause a segmentation fault in the web server. An attacker can send any of a…
- risk 0.53cvss 8.1epss 0.01
An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. The device uses one nonce for all session authentication requests and only changes the nonce if the web application has been idle for 300…
- risk 0.58cvss 8.8epss 0.04
SONY SNC-CH115, SNC-CH120, SNC-CH160, SNC-CH220, SNC-CH260, SNC-DH120, SNC-DH120T, SNC-DH160, SNC-DH220, SNC-DH220T, SNC-DH260, SNC-EB520, SNC-EM520, SNC-EM521, SNC-ZB550, SNC-ZM550, SNC-ZM551, SNC-EP550, SNC-EP580, SNC-ER550, SNC-ER550C, SNC-ER580, SNC-ER585, SNC-ER585H,…
- risk 0.49cvss 7.5epss 0.04
The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash).
- risk 0.50cvss 7.7epss 0.06
Memory leak in net/vmxnet3.c in QEMU allows remote attackers to cause a denial of service (memory consumption).
- risk 0.42cvss 7.5epss 0.07
(1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) unsquash-4.c in Squashfs and sasquatch allow remote attackers to cause a denial of service (application crash) via a crafted input.
- risk 0.49cvss 7.5epss 0.01
SkRegion::setPath in Skia allows remote attackers to cause a denial of service (crash).
- risk 0.49cvss 7.5epss 0.02
In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a remote DoS.
- risk 0.49cvss 7.5epss 0.01
In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the osip_body_to_str() function defined in osipparser2/osip_body.c, resulting in a remote DoS.
- risk 0.49cvss 7.5epss 0.01
In libosip2 in GNU oSIP 4.1.0, a malformed SIP message can lead to a heap buffer overflow in the _osip_message_to_str() function defined in osipparser2/osip_message_to_str.c, resulting in a remote DoS.
- risk 0.51cvss 7.8epss 0.00
Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obtain system privileges.
- risk 0.51cvss 7.8epss 0.02
Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a crafted image.
- risk 0.58cvss 8.8epss 0.05
A heap overflow vulnerability in Citrix NetScaler Gateway versions 10.1 before 135.8/135.12, 10.5 before 65.11, 11.0 before 70.12, and 11.1 before 52.13 allows a remote authenticated attacker to run arbitrary commands via unspecified vectors.
- risk 0.50cvss 7.5epss 0.11
handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop).
- risk 0.61cvss 8.8epss 0.04
Multiple SQL injection vulnerabilities in the com.rim.mdm.ui.server.ImageServlet servlet in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to execute arbitrary SQL commands via the imageName parameter to (1) mydevice/client/image, (2)…
- risk 0.49cvss 7.5epss 0.01
Shoplat App for iOS 1.10.00 through 1.18.00 does not properly verify SSL certificates.
- risk 0.51cvss 7.8epss 0.00
Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges.
- risk 0.51cvss 7.8epss 0.00
Firejail does not properly clean environment variables, which allows local users to gain privileges.
- risk 0.51cvss 7.8epss 0.00
Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges.
- risk 0.51cvss 7.8epss 0.00
Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privileges.
- risk 0.51cvss 7.8epss 0.00
Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.
- risk 0.51cvss 7.8epss 0.00
Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc.
- risk 0.61cvss 8.8epss 0.04
SeaWell Networks Spectrum SDC 02.05.00 allows remote viewer users to perform administrative functions.
- risk 0.49cvss 7.5epss 0.03
The AMF3ReadString function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to cause a denial of service (invalid pointer dereference and process crash).