Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-01 | CVE-2017-3790 | Improper Input Validation vulnerability in Cisco products A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) software could allow an unauthenticated, remote attacker to cause a reload of the affected system, resulting in a denial of service (DoS) condition. | 8.6 |
| 2017-02-01 | CVE-2016-9225 | Resource Management Errors vulnerability in Cisco ASA CX Context-Aware Security Software A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service (DoS) condition. | 8.6 |
| 2017-02-01 | CVE-2016-10079 | Improper Input Validation vulnerability in SAP Saplpd 7400.3.11.33 SAPlpd through 7400.3.11.33 in SAP GUI 7.40 on Windows has a Denial of Service vulnerability (service crash) with a long string to TCP port 515. | 7.5 |
| 2017-02-01 | CVE-2016-8491 | Use of Hard-coded Credentials vulnerability in Fortinet Fortiwlc The presence of a hardcoded account named 'core' in Fortinet FortiWLC allows attackers to gain unauthorized read/write access via a remote shell. | 9.1 |
| 2017-02-01 | CVE-2016-9963 | Key Management Errors vulnerability in multiple products Exim before 4.87.1 might allow remote attackers to obtain the private DKIM signing key via vectors related to log files and bounce messages. | 5.9 |
| 2017-02-01 | CVE-2016-4038 | Improper Input Validation vulnerability in Samsung Mobile 4.4/5.0/5.1 Array index error in the msm_sensor_config function in kernel/SM-G9008V_CHN_KK_Opensource/Kernel/drivers/media/platform/msm/camera_v2/sensor/msm_sensor.c in Samsung devices with Android KK(4.4) or L and an APQ8084, MSM8974, or MSM8974pro chipset allows local users to have unspecified impact via the gpio_config.gpio_name value. | 7.8 |
| 2017-02-01 | CVE-2016-10173 | Path Traversal vulnerability in Minitar Archive-Tar-Minitar and Minitar Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. | 7.5 |
| 2017-02-01 | CVE-2016-10164 | Integer Overflow or Wraparound vulnerability in X.Org Libxpm Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated length in a crafted XPM file, which triggers a heap-based buffer overflow. | 9.8 |
| 2017-02-01 | CVE-2017-3823 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container before 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plugin before 10031.6.2017.0126 on Internet Explorer, and the Download Manager ActiveX control plugin before 2.1.0.10 on Internet Explorer. | 8.8 |
| 2017-01-31 | CVE-2016-9962 | Race Condition vulnerability in Docker RunC allowed additional container processes via 'runc exec' to be ptraced by the pid 1 of the container. | 6.4 |