Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-21 | CVE-2017-5565 | Uncontrolled Search Path Element vulnerability in Trendmicro products Code injection vulnerability in Trend Micro Maximum Security 11.0 (and earlier), Internet Security 11.0 (and earlier), and Antivirus+ Security 11.0 (and earlier) allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Trend Micro process via a "DoubleAgent" attack. | 6.7 |
| 2017-03-21 | CVE-2017-3850 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Autonomic Networking Infrastructure (ANI) feature of Cisco IOS Software (15.4 through 15.6) and Cisco IOS XE Software (3.7 through 3.18, and 16) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 5.9 |
| 2017-03-21 | CVE-2017-3849 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Autonomic Networking Infrastructure (ANI) registrar feature of Cisco IOS Software (possibly 15.2 through 15.6) and Cisco IOS XE Software (possibly 3.7 through 3.18, and 16) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. | 7.4 |
| 2017-03-21 | CVE-2016-6650 | Information Exposure vulnerability in EMC Recoverpoint and Recoverpoint for Virtual Machines EMC RecoverPoint versions prior to 5.0 and EMC RecoverPoint for Virtual Machines versions prior to 5.0 have an SSL Stripping Vulnerability that may potentially be exploited by malicious users to compromise the affected system. | 7.5 |
| 2017-03-21 | CVE-2016-4504 | Cross-Site Request Forgery (CSRF) vulnerability in Meteocontrol Weblog A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB'log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. | 8.8 |
| 2017-03-21 | CVE-2017-7210 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.28 objdump in GNU Binutils 2.28 is vulnerable to multiple heap-based buffer over-reads (of size 1 and size 8) while handling corrupt STABS enum type strings in a crafted object file, leading to program crash. | 5.5 |
| 2017-03-21 | CVE-2017-7209 | NULL Pointer Dereference vulnerability in GNU Binutils 2.28 The dump_section_as_bytes function in readelf in GNU Binutils 2.28 accesses a NULL pointer while reading section contents in a corrupt binary, leading to a program crash. | 5.5 |
| 2017-03-21 | CVE-2017-7208 | Out-of-bounds Read vulnerability in Libav 9.21 The decode_residual function in libavcodec in libav 9.21 allows remote attackers to cause a denial of service (buffer over-read) or obtain sensitive information from process memory via a crafted h264 video file. | 7.1 |
| 2017-03-21 | CVE-2017-7207 | NULL Pointer Dereference vulnerability in Artifex Ghostscript 9.20 The mem_get_bits_rectangle function in Artifex Software, Inc. | 5.5 |
| 2017-03-21 | CVE-2017-7206 | Out-of-bounds Read vulnerability in Libav 9.21 The ff_h2645_extract_rbsp function in libavcodec in libav 9.21 allows remote attackers to cause a denial of service (heap-based buffer over-read) or obtain sensitive information from process memory via a crafted h264 video file. | 7.1 |