Page(s) : [1] 2 | Result(s) : 24 |
Alerts
DATE | NAME | CATEGORIES | DETAIL | |
---|---|---|---|---|
8.8 | 2017-03-24 | CVE-2017-5198 | cve | SolarWinds LEM (aka SIEM) before 6.3.1 has an incorrect sudo configuration, which allows local users to obtain root access by editing /usr/local/contego/scripts/hostname.sh. |
8.8 | 2017-03-24 | CVE-2017-5199 | cve | The editbanner feature in SolarWinds LEM (aka SIEM) through 6.3.1 allows remote authenticated users to execute arbitrary code by editing /usr/local/contego/scripts/mgrconfig.pl. |
8.8 | 2017-03-24 | CVE-2017-6369 | cve | Insufficient checks in the UDF subsystem in Firebird 2.5.x before 2.5.7 and 3.0.x before 3.0.2 allow remote authenticated users to execute code by using a 'system' ent... |
7.5 | 2017-03-24 | CVE-2016-10129 | cve | The Git Smart Protocol support in libgit2 before 0.24.6 and 0.25.x before 0.25.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via an empty pac... |
7.5 | 2017-03-24 | CVE-2016-10132 | cve | regexp.c in Artifex Software, Inc. MuJS allows attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to regular expression compilation. |
7.5 | 2017-03-24 | CVE-2016-10146 | cve | Multiple memory leaks in the caption and label handling code in ImageMagick allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors. |
7.5 | 2017-03-24 | CVE-2016-10149 | cve | XML External Entity (XXE) vulnerability in PySAML2 4.4.0 and earlier allows remote attackers to read arbitrary files via a crafted SAML XML request or response. |
7.5 | 2017-03-24 | CVE-2016-2224 | cve | The __decode_dotted function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via vectors involving compre... |
7.5 | 2017-03-24 | CVE-2016-2225 | cve | The __read_etc_hosts_r function in libc/inet/resolv.c in uClibc-ng before 1.0.12 allows remote DNS servers to cause a denial of service (infinite loop) via a crafted packet. |
7.5 | 2017-03-24 | CVE-2016-7797 | cve | Pacemaker before 1.1.15, when using pacemaker remote, might allow remote attackers to cause a denial of service (node disconnection) via an unauthenticated connection. |
7.5 | 2017-03-24 | CVE-2017-5335 | cve | The stream reading functions in lib/opencdk/read-packet.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to cause a denial of service (out-of-memory error... |
7.8 | 2017-03-24 | CVE-2017-5506 | cve | Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file. |
7.5 | 2017-03-24 | CVE-2017-5507 | cve | Memory leak in coders/mpc.c in ImageMagick before 6.9.7-4 and 7.x before 7.0.4-4 allows remote attackers to cause a denial of service (memory consumption) via vectors involving ... |
7.8 | 2017-03-24 | CVE-2017-5509 | cve | coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write. |
7.8 | 2017-03-24 | CVE-2017-5510 | cve | coders/psd.c in ImageMagick allows remote attackers to have unspecified impact via a crafted PSD file, which triggers an out-of-bounds write. |
8.8 | 2017-03-24 | CVE-2017-5869 | cve | Directory traversal vulnerability in the file import feature in Nuxeo Platform 6.0, 7.1, 7.2, and 7.3 allows remote authenticated users to upload and execute arbitrary JSP code ... |
8.8 | 2017-03-24 | CVE-2017-6087 | cve | EyesOfNetwork ("EON") 5.0 and earlier allows remote authenticated users to execute arbitrary code via shell metacharacters in the selected_events[] parameter in the (1) acknowle... |
7.5 | 2017-03-24 | CVE-2017-7240 | cve | An issue was discovered on Miele Professional PST10 devices. The corresponding embedded webserver "PST10 WebServer" typically listens to port 80 and is prone to a directory trav... |
7.5 | 2017-03-24 | CVE-2017-7243 | cve | Eclipse tinydtls 0.8.2 for Eclipse IoT allows remote attackers to cause a denial of service (DTLS peer crash) by sending a "Change cipher spec" packet without pre-handshake. |
7.8 | 2017-03-24 | CVE-2016-10268 | cve | tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impa... |
Page(s) : [1] 2 | Result(s) : 24 |