Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-11 | CVE-2010-4314 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Novell Iprint Remote attackers can use the iPrint web-browser ActiveX plugin in Novell iPrint Client before 5.42 for Windows XP/Vista/Win7 to execute code by overflowing the "name" parameter. | 8.8 |
| 2017-03-11 | CVE-2017-5638 | Improper Handling of Exceptional Conditions vulnerability in multiple products The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string. | 9.8 |
| 2017-03-10 | CVE-2017-6802 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in ytnef before 1.9.2. | 7.5 |
| 2017-03-10 | CVE-2017-6801 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in ytnef before 1.9.2. | 7.5 |
| 2017-03-10 | CVE-2017-6800 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in ytnef before 1.9.2. | 7.5 |
| 2017-03-10 | CVE-2017-6799 | Cross-site Scripting vulnerability in Mantisbt A cross-site scripting (XSS) vulnerability in view_filters_page.php in MantisBT before 2.2.1 allows remote attackers to inject arbitrary JavaScript via the 'view_type' parameter. | 6.1 |
| 2017-03-10 | CVE-2017-6798 | Untrusted Search Path vulnerability in Trendmicro Endpoint Sensor 1.6 Trend Micro Endpoint Sensor 1.6 before b1290 has a DLL hijacking vulnerability that allows remote attackers to execute arbitrary code, aka Trend Micro Vulnerability Identifier 2015-0208. | 7.8 |
| 2017-03-10 | CVE-2017-6596 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Partclone Project Partclone 0.2.89 partclone.chkimg in partclone 0.2.89 is prone to a heap-based buffer overflow vulnerability due to insufficient validation of the partclone image header. | 5.5 |
| 2017-03-10 | CVE-2017-6506 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Azure DEX Data Expert Ultimate 2.2.16 In Azure Data Expert Ultimate 2.2.16, the SMTP verification function suffers from a buffer overflow vulnerability, leading to remote code execution. | 9.8 |
| 2017-03-10 | CVE-2017-6427 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Evostream Media Server 1.7.1 A Buffer Overflow was discovered in EvoStream Media Server 1.7.1. | 7.5 |