Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-23 | CVE-2017-7199 | Incorrect Permission Assignment for Critical Resource vulnerability in Tenable Nessus Nessus 6.6.2 - 6.10.3 contains a flaw related to insecure permissions that may allow a local attacker to escalate privileges when the software is running in Agent Mode. | 7.8 |
| 2017-03-23 | CVE-2017-6361 | OS Command Injection vulnerability in Qnap QTS QNAP QTS before 4.2.4 Build 20170313 allows attackers to execute arbitrary commands via unspecified vectors. | 9.8 |
| 2017-03-23 | CVE-2017-6360 | OS Command Injection vulnerability in Qnap QTS QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and obtain sensitive information via unspecified vectors. | 9.8 |
| 2017-03-23 | CVE-2017-6359 | OS Command Injection vulnerability in Qnap QTS QNAP QTS before 4.2.4 Build 20170313 allows attackers to gain administrator privileges and execute arbitrary commands via unspecified vectors. | 9.8 |
| 2017-03-23 | CVE-2017-6191 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apng Disassembler Project Apng Disassembler Buffer overflow in APNGDis 2.8 and below allows a remote attacker to execute arbitrary code via a crafted filename. | 7.8 |
| 2017-03-23 | CVE-2017-5897 | Out-of-bounds Read vulnerability in multiple products The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access. | 9.8 |
| 2017-03-23 | CVE-2017-5538 | Out-of-bounds Read vulnerability in Samsung Mobile 6.0/7.0 The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung devices with M(6.0) and N(7.0) software and Exynos AP chipsets allows attackers to have unspecified impact via unknown vectors, which trigger an out-of-bounds read, aka SVE-2016-6362. | 9.8 |
| 2017-03-23 | CVE-2017-5524 | Use of Externally-Controlled Format String vulnerability in Plone Plone 4.x through 4.3.11 and 5.x through 5.0.6 allow remote attackers to bypass a sandbox protection mechanism and obtain sensitive information by leveraging the Python string format method. | 4.3 |
| 2017-03-23 | CVE-2017-5227 | Information Exposure vulnerability in Qnap QTS QNAP QTS before 4.2.4 Build 20170313 allows local users to obtain sensitive Domain Administrator password information by reading data in an XOR format within the /etc/config/uLinux.conf configuration file. | 7.5 |
| 2017-03-23 | CVE-2017-5207 | Improper Privilege Management vulnerability in Firejail Project Firejail Firejail before 0.9.44.4, when running a bandwidth command, allows local users to gain root privileges via the --shell argument. | 7.8 |