Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-06 | CVE-2016-9194 | Resource Management Errors vulnerability in Cisco products A vulnerability in 802.11 Wireless Multimedia Extensions (WME) action frame processing in Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. | 6.5 |
| 2017-04-06 | CVE-2016-10320 | OS Command Injection vulnerability in Textract Project Textract textract before 1.5.0 allows OS Command Injection attacks via a filename in a call to the process function. | 7.8 |
| 2017-04-06 | CVE-2017-7571 | Cross-Site Request Forgery (CSRF) vulnerability in Ladybirdweb Faveo Helpdesk 1.9.3 public/rolechangeadmin in Faveo 1.9.3 allows CSRF. | 8.0 |
| 2017-04-06 | CVE-2017-7569 | Server-Side Request Forgery (SSRF) vulnerability in Vbulletin In vBulletin before 5.3.0, remote attackers can bypass the CVE-2016-6483 patch and conduct SSRF attacks by leveraging the behavior of the PHP parse_url function, aka VBV-17037. | 8.6 |
| 2017-04-06 | CVE-2017-6884 | OS Command Injection vulnerability in Zyxel Emg2926 Firmware V1.00(Aaqt.4)B8 A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00(AAQT.4)b8. | 8.8 |
| 2017-04-06 | CVE-2017-7566 | Server-Side Request Forgery (SSRF) vulnerability in Mybb MyBB before 1.8.11 allows remote attackers to bypass an SSRF protection mechanism. | 7.7 |
| 2017-04-06 | CVE-2017-7565 | Path Traversal vulnerability in Splunk Hadoop Connect Splunk Hadoop Connect App has a path traversal vulnerability that allows remote authenticated users to execute arbitrary code, aka ERP-2041. | 8.8 |
| 2017-04-06 | CVE-2017-7237 | Unspecified vulnerability in Spiceworks 7.5 The Spiceworks TFTP Server, as distributed with Spiceworks Inventory 7.5, allows remote attackers to access the Spiceworks data\configurations directory by leveraging the unauthenticated nature of the TFTP service for all clients who can reach UDP port 69, as demonstrated by a WRQ (aka Write request) operation for a configuration file or an executable file. | 9.8 |
| 2017-04-06 | CVE-2017-2675 | Little Snitch version 3.0 through 3.7.3 suffer from a local privilege escalation vulnerability in the installer part. | 7.8 |
| 2017-04-06 | CVE-2016-10319 | Integer Overflow or Wraparound vulnerability in ARM Trusted Firmware Project ARM Trusted Firmware 1.2/1.3 In ARM Trusted Firmware 1.2 and 1.3, a malformed firmware update SMC can result in copying unexpectedly large data into secure memory because of integer overflows. | 5.9 |