| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-7246 | Cri | 0.68 | 9.8 | 0.14 | Apr 24, 2017 | D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 has a default password of root for the root account and tw for the tw account, which makes it easier for remote attackers to obtain administrative access. | ||
| CVE-2017-2320 | Cri | 0.65 | 10.0 | 0.02 | Apr 24, 2017 | A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause various denials of services leading to targeted information disclosure, modification of any… | ||
| CVE-2014-9654 | Cri | 0.64 | 9.8 | 0.02 | Apr 24, 2017 | The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to… | ||
| CVE-2017-8076 | Cri | 0.64 | 9.8 | 0.01 | Apr 23, 2017 | On the TP-Link TL-SG108E 1.0, admin network communications are RC4 encoded, even though RC4 is deprecated. This affects the 1.1.2 Build 20141017 Rel.50749 firmware. | ||
| CVE-2017-8075 | Cri | 0.64 | 9.8 | 0.02 | Apr 23, 2017 | On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log lines where passwords are in cleartext. This affects the 1.1.2 Build 20141017 Rel.50749 firmware. | ||
| CVE-2017-8074 | Cri | 0.64 | 9.8 | 0.02 | Apr 23, 2017 | On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "SEND data" log lines where passwords are encoded in hexadecimal. This affects the 1.1.2 Build 20141017 Rel.50749 firmware. | ||
| CVE-2017-7991 | Cri | 0.64 | 9.8 | 0.02 | Apr 22, 2017 | Exponent CMS 2.4.1 and earlier has SQL injection via a base64 serialized API key (apikey parameter) in the api function of framework/modules/eaas/controllers/eaasController.php. | ||
| CVE-2016-3109 | Cri | 0.59 | 9.8 | 0.28 | Apr 21, 2017 | The backend/Login/load/ script in Shopware before 5.1.5 allows remote attackers to execute arbitrary code. | ||
| CVE-2016-3067 | Cri | 0.64 | 9.8 | 0.02 | Apr 21, 2017 | Cygwin before 2.5.0 does not properly handle updating permissions when changing users, which allows attackers to gain privileges. | ||
| CVE-2016-2173 | Cri | 0.64 | 9.8 | 0.06 | Apr 21, 2017 | org.springframework.core.serializer.DefaultDeserializer in Spring AMQP before 1.5.5 allows remote attackers to execute arbitrary code. | ||
| CVE-2016-1560 | Cri | 0.72 | 9.8 | 0.72 | Apr 21, 2017 | ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) inflection for the root shell account and (2) support for the support account in the web interface, which allows remote attackers to obtain administrative access via an SSH or HTTP session. | ||
| CVE-2017-8051 | Cri | 0.68 | 9.8 | 0.16 | Apr 21, 2017 | Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload.py script in the Web UI. Through the manipulation of the tns_appliance_session_user parameter, a remote attacker can inject arbitrary commands. | ||
| CVE-2016-1558 | Cri | 0.64 | 9.8 | 0.09 | Apr 21, 2017 | Buffer overflow in D-Link DAP-2310 2.06 and earlier, DAP-2330 1.06 and earlier, DAP-2360 2.06 and earlier, DAP-2553 H/W ver. B1 3.05 and earlier, DAP-2660 1.11 and earlier, DAP-2690 3.15 and earlier, DAP-2695 1.16 and earlier, DAP-3320 1.00 and earlier, and DAP-3662 1.01 and… | ||
| CVE-2016-1557 | Cri | 0.64 | 9.8 | 0.03 | Apr 21, 2017 | Netgear WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0 reveal wireless passwords and administrative usernames and passwords over SNMP. | ||
| CVE-2016-1555 | Cri | 0.87 | 9.8 | 0.98 | KEV | Apr 21, 2017 | (1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands. | |
| CVE-2017-5158 | Cri | 0.64 | 9.8 | 0.02 | Apr 20, 2017 | An Information Exposure issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. Credentials may be exposed to external systems via specific URL parameters, as arbitrary destination addresses may be specified. | ||
| CVE-2016-8721 | Cri | 0.59 | 9.1 | 0.03 | Apr 20, 2017 | An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete compromise of the… | ||
| CVE-2016-5762 | Cri | 0.64 | 9.8 | 0.06 | Apr 20, 2017 | Integer overflow in the Post Office Agent in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 might allow remote attackers to execute arbitrary code via a long (1) username or (2) password, which triggers a heap-based buffer overflow. | ||
| CVE-2016-1219 | Cri | 0.64 | 9.8 | 0.03 | Apr 20, 2017 | Cybozu Garoon before 4.2.2 allows remote attackers to bypass login authentication via vectors related to API use. | ||
| CVE-2017-7964 | Cri | 0.65 | 10.0 | 0.03 | Apr 19, 2017 | Zyxel WRE6505 devices have a default TELNET password of 1234 for the root and admin accounts, which makes it easier for remote attackers to conduct DNS hijacking attacks by reconfiguring the built-in dnshijacker process. | ||
| CVE-2017-5645 | Cri | 0.71 | 9.8 | 0.89 | Apr 17, 2017 | In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. | ||
| CVE-2017-5651 | Cri | 0.57 | 9.8 | 0.08 | Apr 17, 2017 | In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This… | ||
| CVE-2017-5648 | Cri | 0.53 | 9.1 | 0.13 | Apr 17, 2017 | While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to 7.0.75 did not use the appropriate facade object. When running an untrusted application under a… | ||
| CVE-2016-6727 | Cri | 0.64 | 9.8 | 0.03 | Apr 17, 2017 | The Qualcomm GPS subsystem in Android on Android One devices allows remote attackers to execute arbitrary code. | ||
| CVE-2016-6726 | Cri | 0.64 | 9.8 | 0.01 | Apr 17, 2017 | Unspecified vulnerability in Qualcomm components in Android on Nexus 6 and Android One devices. | ||
| CVE-2017-7882 | Cri | 0.64 | 9.8 | 0.02 | Apr 15, 2017 | LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx. | ||
| CVE-2017-7878 | Cri | 0.64 | 9.8 | 0.01 | Apr 14, 2017 | SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read and write to the users database. | ||
| CVE-2017-7875 | Cri | 0.64 | 9.8 | 0.02 | Apr 14, 2017 | In wallpaper.c in feh before v2.18.3, if a malicious client pretends to be the E17 window manager, it is possible to trigger an out-of-boundary heap write while receiving an IPC message. An integer overflow leads to a buffer overflow and/or a double free. | ||
| CVE-2017-7357 | Cri | 0.59 | 9.1 | 0.03 | Apr 14, 2017 | Hipchat Server before 2.2.3 allows remote authenticated users with Server Administrator level privileges to execute arbitrary code by importing a file. | ||
| CVE-2017-7870 | Cri | 0.64 | 9.8 | 0.04 | Apr 14, 2017 | LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx. | ||
| CVE-2017-7866 | Cri | 0.64 | 9.8 | 0.03 | Apr 14, 2017 | FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcodec/pngdec.c. | ||
| CVE-2017-7865 | Cri | 0.64 | 9.8 | 0.03 | Apr 14, 2017 | FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c. | ||
| CVE-2017-7864 | Cri | 0.64 | 9.8 | 0.04 | Apr 14, 2017 | FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c. | ||
| CVE-2017-7863 | Cri | 0.64 | 9.8 | 0.03 | Apr 14, 2017 | FFmpeg before 2017-02-04 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame_common function in libavcodec/pngdec.c. | ||
| CVE-2017-7862 | Cri | 0.64 | 9.8 | 0.03 | Apr 14, 2017 | FFmpeg before 2017-02-07 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame function in libavcodec/pictordec.c. | ||
| CVE-2017-7861 | Cri | 0.64 | 9.8 | 0.03 | Apr 14, 2017 | Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc.c. | ||
| CVE-2017-7860 | Cri | 0.64 | 9.8 | 0.03 | Apr 14, 2017 | Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parse_unix function in core/ext/client_channel/parse_address.c. | ||
| CVE-2017-7859 | Cri | 0.64 | 9.8 | 0.02 | Apr 14, 2017 | FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ff_h264_slice_context_init function in libavcodec/h264dec.c. | ||
| CVE-2017-7858 | Cri | 0.64 | 9.8 | 0.03 | Apr 14, 2017 | FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. | ||
| CVE-2017-7857 | Cri | 0.64 | 9.8 | 0.04 | Apr 14, 2017 | FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c. | ||
| CVE-2017-7856 | Cri | 0.64 | 9.8 | 0.03 | Apr 14, 2017 | LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx. | ||
| CVE-2016-10328 | Cri | 0.57 | 9.8 | 0.04 | Apr 14, 2017 | FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c. | ||
| CVE-2016-10327 | Cri | 0.57 | 9.8 | 0.04 | Apr 14, 2017 | LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx. | ||
| CVE-2016-6818 | Cri | 0.64 | 9.8 | 0.02 | Apr 13, 2017 | SQL injection vulnerability in SAP Business Intelligence platform before January 2017 allows remote attackers to obtain sensitive information, modify data, cause a denial of service (data deletion), or launch administrative operations or possibly OS commands via a crafted SQL… | ||
| CVE-2016-4899 | Cri | 0.64 | 9.8 | 0.06 | Apr 13, 2017 | The datamover module in the Linux version of NovaBACKUP DataCenter before 09.06.03.0353 is vulnerable to remote command execution via unspecified attack vectors. | ||
| CVE-2016-4898 | Cri | 0.64 | 9.8 | 0.06 | Apr 13, 2017 | The datamover module in the Linux version of NovaBACKUP DataCenter before 09.06.03.0353 is vulnerable to remote command execution via unspecified attack vectors. | ||
| CVE-2016-1155 | Cri | 0.64 | 9.8 | 0.02 | Apr 13, 2017 | HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies. | ||
| CVE-2015-2947 | Cri | 0.59 | 9.1 | 0.01 | Apr 13, 2017 | KanColleViewer versions 3.8.1 and earlier operates as an open proxy which allows remote attackers to trigger outbound network traffic. | ||
| CVE-2012-1301 | Cri | 0.64 | 9.8 | 0.03 | Apr 13, 2017 | The FeedProxy.aspx script in Umbraco 4.7.0 allows remote attackers to proxy requests on their behalf via the "url" parameter. | ||
| CVE-2016-2566 | Cri | 0.64 | 9.8 | 0.02 | Apr 13, 2017 | Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices has SQL injection, aka SVE-2015-5081. |
- risk 0.68cvss 9.8epss 0.14
D-Link DVG-N5402SP with firmware W1000CN-00, W1000CN-03, or W2000EN-00 has a default password of root for the root account and tw for the tw account, which makes it easier for remote attackers to obtain administrative access.
- risk 0.65cvss 10.0epss 0.02
A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenticated, unprivileged, network-based attacker to cause various denials of services leading to targeted information disclosure, modification of any…
- risk 0.64cvss 9.8epss 0.02
The Regular Expressions package in International Components for Unicode (ICU) for C/C++ before 2014-12-03, as used in Google Chrome before 40.0.2214.91, calculates certain values without ensuring that they can be represented in a 24-bit field, which allows remote attackers to…
- risk 0.64cvss 9.8epss 0.01
On the TP-Link TL-SG108E 1.0, admin network communications are RC4 encoded, even though RC4 is deprecated. This affects the 1.1.2 Build 20141017 Rel.50749 firmware.
- risk 0.64cvss 9.8epss 0.02
On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "Switch Info" log lines where passwords are in cleartext. This affects the 1.1.2 Build 20141017 Rel.50749 firmware.
- risk 0.64cvss 9.8epss 0.02
On the TP-Link TL-SG108E 1.0, a remote attacker could retrieve credentials from "SEND data" log lines where passwords are encoded in hexadecimal. This affects the 1.1.2 Build 20141017 Rel.50749 firmware.
- risk 0.64cvss 9.8epss 0.02
Exponent CMS 2.4.1 and earlier has SQL injection via a base64 serialized API key (apikey parameter) in the api function of framework/modules/eaas/controllers/eaasController.php.
- risk 0.59cvss 9.8epss 0.28
The backend/Login/load/ script in Shopware before 5.1.5 allows remote attackers to execute arbitrary code.
- risk 0.64cvss 9.8epss 0.02
Cygwin before 2.5.0 does not properly handle updating permissions when changing users, which allows attackers to gain privileges.
- risk 0.64cvss 9.8epss 0.06
org.springframework.core.serializer.DefaultDeserializer in Spring AMQP before 1.5.5 allows remote attackers to execute arbitrary code.
- risk 0.72cvss 9.8epss 0.72
ExaGrid appliances with firmware before 4.8 P26 have a default password of (1) inflection for the root shell account and (2) support for the support account in the web interface, which allows remote attackers to obtain administrative access via an SSH or HTTP session.
- risk 0.68cvss 9.8epss 0.16
Tenable Appliance 3.5 - 4.4.0, and possibly prior versions, contains a flaw in the simpleupload.py script in the Web UI. Through the manipulation of the tns_appliance_session_user parameter, a remote attacker can inject arbitrary commands.
- risk 0.64cvss 9.8epss 0.09
Buffer overflow in D-Link DAP-2310 2.06 and earlier, DAP-2330 1.06 and earlier, DAP-2360 2.06 and earlier, DAP-2553 H/W ver. B1 3.05 and earlier, DAP-2660 1.11 and earlier, DAP-2690 3.15 and earlier, DAP-2695 1.16 and earlier, DAP-3320 1.00 and earlier, and DAP-3662 1.01 and…
- risk 0.64cvss 9.8epss 0.03
Netgear WNAP320, WNDAP350, and WNDAP360 before 3.5.5.0 reveal wireless passwords and administrative usernames and passwords over SNMP.
- risk 0.87cvss 9.8epss 0.98
(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5) boardDataWW.php in Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 allow remote attackers to execute arbitrary commands.
- risk 0.64cvss 9.8epss 0.02
An Information Exposure issue was discovered in Schneider Electric Wonderware InTouch Access Anywhere, version 11.5.2 and prior. Credentials may be exposed to external systems via specific URL parameters, as arbitrary destination addresses may be specified.
- risk 0.59cvss 9.1epss 0.03
An exploitable OS Command Injection vulnerability exists in the web application 'ping' functionality of Moxa AWK-3131A Wireless Access Points running firmware 1.1. Specially crafted web form input can cause an OS Command Injection resulting in complete compromise of the…
- risk 0.64cvss 9.8epss 0.06
Integer overflow in the Post Office Agent in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 might allow remote attackers to execute arbitrary code via a long (1) username or (2) password, which triggers a heap-based buffer overflow.
- risk 0.64cvss 9.8epss 0.03
Cybozu Garoon before 4.2.2 allows remote attackers to bypass login authentication via vectors related to API use.
- risk 0.65cvss 10.0epss 0.03
Zyxel WRE6505 devices have a default TELNET password of 1234 for the root and admin accounts, which makes it easier for remote attackers to conduct DNS hijacking attacks by reconfiguring the built-in dnshijacker process.
- risk 0.71cvss 9.8epss 0.89
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
- risk 0.57cvss 9.8epss 0.08
In Apache Tomcat 9.0.0.M1 to 9.0.0.M18 and 8.5.0 to 8.5.12, the refactoring of the HTTP connectors introduced a regression in the send file processing. If the send file processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This…
- risk 0.53cvss 9.1epss 0.13
While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to 7.0.75 did not use the appropriate facade object. When running an untrusted application under a…
- risk 0.64cvss 9.8epss 0.03
The Qualcomm GPS subsystem in Android on Android One devices allows remote attackers to execute arbitrary code.
- risk 0.64cvss 9.8epss 0.01
Unspecified vulnerability in Qualcomm components in Android on Nexus 6 and Android One devices.
- risk 0.64cvss 9.8epss 0.02
LibreOffice before 2017-03-14 has an out-of-bounds write related to the HWPFile::TagsRead function in hwpfilter/source/hwpfile.cxx.
- risk 0.64cvss 9.8epss 0.01
SQL Injection vulnerability in flatCore version 1.4.6 allows an attacker to read and write to the users database.
- risk 0.64cvss 9.8epss 0.02
In wallpaper.c in feh before v2.18.3, if a malicious client pretends to be the E17 window manager, it is possible to trigger an out-of-boundary heap write while receiving an IPC message. An integer overflow leads to a buffer overflow and/or a double free.
- risk 0.59cvss 9.1epss 0.03
Hipchat Server before 2.2.3 allows remote authenticated users with Server Administrator level privileges to execute arbitrary code by importing a file.
- risk 0.64cvss 9.8epss 0.04
LibreOffice before 2017-01-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tools::Polygon::Insert function in tools/source/generic/poly.cxx.
- risk 0.64cvss 9.8epss 0.03
FFmpeg before 2017-01-23 has an out-of-bounds write caused by a stack-based buffer overflow related to the decode_zbuf function in libavcodec/pngdec.c.
- risk 0.64cvss 9.8epss 0.03
FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideo_decode_block_opcode_0xA function in libavcodec/interplayvideo.c and the avcodec_align_dimensions2 function in libavcodec/utils.c.
- risk 0.64cvss 9.8epss 0.04
FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c.
- risk 0.64cvss 9.8epss 0.03
FFmpeg before 2017-02-04 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame_common function in libavcodec/pngdec.c.
- risk 0.64cvss 9.8epss 0.03
FFmpeg before 2017-02-07 has an out-of-bounds write caused by a heap-based buffer overflow related to the decode_frame function in libavcodec/pictordec.c.
- risk 0.64cvss 9.8epss 0.03
Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc.c.
- risk 0.64cvss 9.8epss 0.03
Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parse_unix function in core/ext/client_channel/parse_address.c.
- risk 0.64cvss 9.8epss 0.02
FFmpeg before 2017-03-05 has an out-of-bounds write caused by a heap-based buffer overflow related to the ff_h264_slice_context_init function in libavcodec/h264dec.c.
- risk 0.64cvss 9.8epss 0.03
FreeType 2 before 2017-03-07 has an out-of-bounds write related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
- risk 0.64cvss 9.8epss 0.04
FreeType 2 before 2017-03-08 has an out-of-bounds write caused by a heap-based buffer overflow related to the TT_Get_MM_Var function in truetype/ttgxvar.c and the sfnt_init_face function in sfnt/sfobjs.c.
- risk 0.64cvss 9.8epss 0.03
LibreOffice before 2017-03-11 has an out-of-bounds write caused by a heap-based buffer overflow in the SVMConverter::ImplConvertFromSVM1 function in vcl/source/gdi/svmconverter.cxx.
- risk 0.57cvss 9.8epss 0.04
FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c.
- risk 0.57cvss 9.8epss 0.04
LibreOffice before 2016-12-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the EnhWMFReader::ReadEnhWMF function in vcl/source/filter/wmf/enhwmf.cxx.
- risk 0.64cvss 9.8epss 0.02
SQL injection vulnerability in SAP Business Intelligence platform before January 2017 allows remote attackers to obtain sensitive information, modify data, cause a denial of service (data deletion), or launch administrative operations or possibly OS commands via a crafted SQL…
- risk 0.64cvss 9.8epss 0.06
The datamover module in the Linux version of NovaBACKUP DataCenter before 09.06.03.0353 is vulnerable to remote command execution via unspecified attack vectors.
- risk 0.64cvss 9.8epss 0.06
The datamover module in the Linux version of NovaBACKUP DataCenter before 09.06.03.0353 is vulnerable to remote command execution via unspecified attack vectors.
- risk 0.64cvss 9.8epss 0.02
HTTP header injection vulnerability in the URLConnection class in Android OS 2.2 through 6.0 allows remote attackers to execute arbitrary scripts or set arbitrary values in cookies.
- risk 0.59cvss 9.1epss 0.01
KanColleViewer versions 3.8.1 and earlier operates as an open proxy which allows remote attackers to trigger outbound network traffic.
- risk 0.64cvss 9.8epss 0.03
The FeedProxy.aspx script in Umbraco 4.7.0 allows remote attackers to proxy requests on their behalf via the "url" parameter.
- risk 0.64cvss 9.8epss 0.02
Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 (Galaxy S6) devices has SQL injection, aka SVE-2015-5081.