Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-03 | CVE-2016-7407 | Improper Input Validation vulnerability in Dropbear SSH Project Dropbear SSH The dropbearconvert command in Dropbear SSH before 2016.74 allows attackers to execute arbitrary code via a crafted OpenSSH key file. | 9.8 |
| 2017-03-03 | CVE-2016-7406 | Improper Input Validation vulnerability in Dropbear SSH Project Dropbear SSH Format string vulnerability in Dropbear SSH before 2016.74 allows remote attackers to execute arbitrary code via format string specifiers in the (1) username or (2) host argument. | 9.8 |
| 2017-03-03 | CVE-2016-6884 | Out-of-bounds Read vulnerability in Matrixssl 3.8.2 TLS cipher suites with CBC mode in TLS 1.1 and 1.2 in MatrixSSL before 3.8.3 allow remote attackers to cause a denial of service (out-of-bounds read) via a crafted message. | 6.5 |
| 2017-03-03 | CVE-2016-6883 | Information Exposure vulnerability in Matrixssl 3.8.2 MatrixSSL before 3.8.3 configured with RSA Cipher Suites allows remote attackers to obtain sensitive information via a Bleichenbacher variant attack. | 5.9 |
| 2017-03-03 | CVE-2016-6882 | Key Management Errors vulnerability in Matrixssl MatrixSSL before 3.8.7, when the DHE_RSA based cipher suite is supported, makes it easier for remote attackers to obtain RSA private key information by conducting a Lenstra side-channel attack. | 5.9 |
| 2017-03-03 | CVE-2015-8815 | Cross-site Scripting vulnerability in Umbraco Multiple cross-site scripting (XSS) vulnerabilities in Umbraco before 7.4.0 allow remote attackers to inject arbitrary web script or HTML via the name parameter to (1) the media page, (2) the developer data edit page, or (3) the form page. | 6.1 |
| 2017-03-03 | CVE-2015-8814 | Cross-Site Request Forgery (CSRF) vulnerability in Umbraco 7.3.8 Umbraco before 7.4.0 allows remote attackers to bypass anti-forgery security measures and conduct cross-site request forgery (CSRF) attacks as demonstrated by editing user account information in the templates.asmx.cs file. | 8.8 |
| 2017-03-03 | CVE-2015-8813 | Server-Side Request Forgery (SSRF) vulnerability in Umbraco The Page_Load function in Umbraco.Web/umbraco.presentation/umbraco/dashboard/FeedProxy.aspx.cs in Umbraco before 7.4.0 allows remote attackers to conduct server-side request forgery (SSRF) attacks via the url parameter. | 8.2 |
| 2017-03-03 | CVE-2017-5867 | Resource Exhaustion vulnerability in Owncloud ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows remote authenticated users to cause a denial of service (server hang and logfile flooding) via a one bit BMP file. | 6.5 |
| 2017-03-03 | CVE-2017-5866 | Information Exposure vulnerability in Owncloud The autocomplete feature in the E-Mail share dialog in ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows remote authenticated users to obtain sensitive information via unspecified vectors. | 4.3 |