Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-10 | CVE-2017-6311 | NULL Pointer Dereference vulnerability in multiple products gdk-pixbuf-thumbnailer.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via vectors related to printing an error message. | 7.5 |
| 2017-03-10 | CVE-2017-5872 | Improper Input Validation vulnerability in Unisys Clearpath MCP 57.1/58.1/59.1 The TCP/IP networking module in Unisys ClearPath MCP systems with TCP-IP-SW 57.1 before 57.152, 58.1 before 58.142, or 59.1 before 59.172, when running a TLS 1.2 service, allows remote attackers to cause a denial of service (network connectivity disruption) via a client hello with a signature_algorithms extension above those defined in RFC 5246, which triggers a full memory dump. | 7.5 |
| 2017-03-10 | CVE-2015-2330 | Improper Certificate Validation vulnerability in Webkitgtk Late TLS certificate verification in WebKitGTK+ prior to 2.6.6 allows remote attackers to view a secure HTTP request, including, for example, secure cookies. | 7.5 |
| 2017-03-10 | CVE-2017-6465 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ftpshell Client 6.53 Remote Code Execution was discovered in FTPShell Client 6.53. | 9.8 |
| 2017-03-10 | CVE-2017-4960 | An issue was discovered in Cloud Foundry release v247 through v252, UAA stand-alone release v3.9.0 through v3.11.0, and UAA Bosh Release v21 through v26. | 7.5 |
| 2017-03-10 | CVE-2017-6797 | Cross-site Scripting vulnerability in Mantisbt A cross-site scripting (XSS) vulnerability in bug_change_status_page.php in MantisBT before 1.3.7 and 2.x before 2.2.1 allows remote attackers to inject arbitrary JavaScript via the 'action_type' parameter. | 6.1 |
| 2017-03-09 | CVE-2017-6591 | Cross-site Scripting vulnerability in Django-Epiceditor Project Django-Epiceditor 0.2.3 There is a cross-site scripting vulnerability in django-epiceditor 0.2.3 via crafted content in a form field. | 6.1 |
| 2017-03-09 | CVE-2017-6590 | Incorrect Authorization vulnerability in Canonical Ubuntu Linux An issue was discovered in network-manager-applet (aka network-manager-gnome) in Ubuntu 12.04 LTS, 14.04 LTS, 16.04 LTS, and 16.10. | 6.3 |
| 2017-03-09 | CVE-2017-6589 | Cross-site Scripting vulnerability in Epiceditor Project Epiceditor EpicEditor through 0.2.3 has Cross-Site Scripting because of an insecure default marked.js configuration. | 6.1 |
| 2017-03-09 | CVE-2017-6529 | Insufficient Session Expiration vulnerability in Dnatools Dnalims 42015S13 An issue was discovered in dnaTools dnaLIMS 4-2015s13. | 8.8 |