Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-19 | CVE-2017-5623 | Improper Privilege Management vulnerability in Oneplus Oxygenos An issue was discovered in OxygenOS before 4.1.0 on OnePlus 3 and 3T devices. | 6.6 |
| 2017-03-19 | CVE-2017-7184 | Unspecified vulnerability in Linux Kernel The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52. | 7.8 |
| 2017-03-19 | CVE-2016-8855 | Cross-site Scripting vulnerability in Sitecore Experience Platform 8.1 Cross-Site Scripting (XSS) in "/sitecore/client/Applications/List Manager/Taskpages/Contact list" in Sitecore Experience Platform 8.1 rev. | 6.1 |
| 2017-03-18 | CVE-2017-7178 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products CSRF was discovered in the web UI in Deluge before 1.3.14. | 8.8 |
| 2017-03-18 | CVE-2017-7177 | Improperly Implemented Security Check for Standard vulnerability in Openinfosecfoundation Suricata Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching. | 7.5 |
| 2017-03-18 | CVE-2016-10253 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Erlang Erlang/Otp An issue was discovered in Erlang/OTP 18.x. | 9.8 |
| 2017-03-17 | CVE-2017-7174 | Unspecified vulnerability in Chef Manage Project Chef Manage The user-account creation feature in Chef Manage 2.1.0 through 2.4.4 allows remote attackers to execute arbitrary code. | 9.8 |
| 2017-03-17 | CVE-2017-3881 | Improper Input Validation vulnerability in Cisco IOS A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. | 9.8 |
| 2017-03-17 | CVE-2017-3880 | Improper Authentication vulnerability in Cisco Webex Meetings Server An Authentication Bypass vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access limited meeting information on the Cisco WebEx Meetings Server. | 6.5 |
| 2017-03-17 | CVE-2017-3879 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Nx-Os 7.0(3)I3(0.170)/8.3(0)Cv(0.342)/8.3(0)Cv(0.345) A Denial of Service vulnerability in the remote login functionality for Cisco NX-OS Software running on Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause a process used for login to terminate unexpectedly and the login attempt to fail. | 5.3 |