Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-20 | CVE-2016-4613 | Information Exposure vulnerability in Apple products An issue was discovered in certain Apple products. | 6.5 |
| 2017-02-18 | CVE-2017-6074 | Double Free vulnerability in multiple products The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call. | 7.8 |
| 2017-02-18 | CVE-2017-6001 | Race Condition vulnerability in Linux Kernel Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. | 7.0 |
| 2017-02-18 | CVE-2017-5986 | Reachable Assertion vulnerability in Linux Kernel Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state. | 5.5 |
| 2017-02-17 | CVE-2017-6065 | SQL Injection vulnerability in Metalgenix Genixcms SQL injection vulnerability in inc/lib/Control/Backend/menus.control.php in GeniXCMS through 1.0.2 allows remote authenticated users to execute arbitrary SQL commands via the order parameter. | 8.8 |
| 2017-02-17 | CVE-2017-6055 | XXE vulnerability in Eparaksts Eparakstitajs 3 1.3.0/1.3.8 XML external entity (XXE) vulnerability in eParakstitajs 3 before 1.3.9 and eParaksts Java lib before 2.5.13 allows remote attackers to read arbitrary files or possibly have unspecified other impact via a crafted edoc file. | 7.8 |
| 2017-02-17 | CVE-2016-7511 | Integer Overflow or Wraparound vulnerability in Libdwarf Project Libdwarf 20160613 Integer overflow in the dwarf_die_deliv.c in libdwarf 20160613 allows remote attackers to cause a denial of service (crash) via a crafted file. | 5.5 |
| 2017-02-17 | CVE-2016-7510 | Out-of-bounds Read vulnerability in Libdwarf Project Libdwarf The read_line_table_program function in dwarf_line_table_reader_common.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds read) via crafted input. | 6.5 |
| 2017-02-17 | CVE-2016-7111 | Cross-site Scripting vulnerability in Mantisbt MantisBT before 1.3.1 and 2.x before 2.0.0-beta.2 uses a weak Content Security Policy when using the Gravatar plugin, which allows remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors. | 4.7 |
| 2017-02-17 | CVE-2016-6875 | Unspecified vulnerability in Facebook Hhvm Infinite recursion in wddx in Facebook HHVM before 3.15.0 allows attackers to have unspecified impact via unknown vectors. | 9.8 |