Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-17 | CVE-2014-8701 | Information Exposure vulnerability in Wondercms 2014 Wonder CMS 2014 allows remote attackers to obtain sensitive information by viewing /files/password, which reveals the unsalted MD5 hashed password. | 7.5 |
| 2017-03-17 | CVE-2017-6969 | Out-of-bounds Read vulnerability in GNU Binutils 2.28 readelf in GNU Binutils 2.28 is vulnerable to a heap-based buffer over-read while processing corrupt RL78 binaries. | 9.1 |
| 2017-03-17 | CVE-2017-6967 | Improper Authentication vulnerability in Neutrinolabs Xrdp 0.9.1 xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pam_limits.so bypass. | 7.3 |
| 2017-03-17 | CVE-2017-6966 | Use After Free vulnerability in GNU Binutils 2.28 readelf in GNU Binutils 2.28 has a use-after-free (specifically read-after-free) error while processing multiple, relocated sections in an MSP430 binary. | 5.5 |
| 2017-03-17 | CVE-2017-6965 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.28 readelf in GNU Binutils 2.28 writes to illegal addresses while processing corrupt input files containing symbol-difference relocations, leading to a heap-based buffer overflow. | 5.5 |
| 2017-03-17 | CVE-2017-6962 | Integer Overflow or Wraparound vulnerability in Apng2Gif Project Apng2Gif 1.7 An issue was discovered in apng2gif 1.7. | 7.5 |
| 2017-03-17 | CVE-2017-6961 | Improper Input Validation vulnerability in Apng2Gif Project Apng2Gif 1.7 An issue was discovered in apng2gif 1.7. | 5.5 |
| 2017-03-17 | CVE-2017-6960 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in apng2gif 1.7. | 7.5 |
| 2017-03-17 | CVE-2017-6958 | Cross-site Scripting vulnerability in Mantisbt Source Integration An XSS vulnerability in the MantisBT Source Integration Plugin (before 2.0.2) search result page allows an attacker to inject arbitrary HTML or JavaScript (if MantisBT's CSP settings permit it) by crafting any valid parameter. | 6.1 |
| 2017-03-17 | CVE-2017-6955 | Improper Input Validation vulnerability in Teleogistic Invite Anyone An issue was discovered in by-email/by-email.php in the Invite Anyone plugin before 1.3.15 for WordPress. | 5.3 |