Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-22 | CVE-2014-9833 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick 6.8.99 Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file. | 7.8 |
| 2017-03-22 | CVE-2014-9832 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick 6.8.99 Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file. | 7.8 |
| 2017-03-22 | CVE-2017-7222 | Cross-site Scripting vulnerability in Mantisbt A cross-site scripting (XSS) vulnerability in MantisBT before 2.1.1 allows remote attackers to inject arbitrary HTML or JavaScript (if MantisBT's CSP settings permit it) by modifying 'window_title' in the application configuration. | 6.1 |
| 2017-03-22 | CVE-2017-5874 | Cross-Site Request Forgery (CSRF) vulnerability in D-Link Dir-600M Firmware CSRF exists on D-Link DIR-600M Rev. | 8.8 |
| 2017-03-21 | CVE-2017-7215 | Cross-site Scripting vulnerability in Misp Project Misp Cross site scripting in some view elements in the index filter tool in app/webroot/js/misp2.4.68.js and the organisation landing page in app/View/Organisations/ajax/landingpage.ctp of MISP before 2.4.69 allows remote attackers to inject arbitrary web script or HTML. | 6.1 |
| 2017-03-21 | CVE-2017-7214 | Information Exposure Through Log Files vulnerability in Openstack Nova An issue was discovered in exception_wrapper.py in OpenStack Nova 13.x through 13.1.3, 14.x through 14.0.4, and 15.x through 15.0.1. | 9.8 |
| 2017-03-21 | CVE-2017-6417 | Uncontrolled Search Path Element vulnerability in Avira products Code injection vulnerability in Avira Total Security Suite 15.0 (and earlier), Optimization Suite 15.0 (and earlier), Internet Security Suite 15.0 (and earlier), and Free Security Suite 15.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Avira process via a "DoubleAgent" attack. | 6.7 |
| 2017-03-21 | CVE-2017-6186 | Code Injection vulnerability in Bitdefender Antivirus Plus, Internet Security and Total Security Code injection vulnerability in Bitdefender Total Security 12.0 (and earlier), Internet Security 12.0 (and earlier), and Antivirus Plus 12.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Bitdefender process via a "DoubleAgent" attack. | 6.7 |
| 2017-03-21 | CVE-2017-5567 | Uncontrolled Search Path Element vulnerability in Avast products Code injection vulnerability in Avast Premier 12.3 (and earlier), Internet Security 12.3 (and earlier), Pro Antivirus 12.3 (and earlier), and Free Antivirus 12.3 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Avast process via a "DoubleAgent" attack. | 6.7 |
| 2017-03-21 | CVE-2017-5566 | Uncontrolled Search Path Element vulnerability in AVG Anti-Virus, Internet Security and Ultimate Code injection vulnerability in AVG Ultimate 17.1 (and earlier), AVG Internet Security 17.1 (and earlier), and AVG AntiVirus FREE 17.1 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any AVG process via a "DoubleAgent" attack. | 6.7 |