Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2017-02-10 CVE-2016-8713 Out-of-bounds Write vulnerability in Gonitro Nitro PDF PRO 10.5.5.9
A remote out of bound write / memory corruption vulnerability exists in the PDF parsing functionality of Nitro Pro 10.5.9.9.
local
low complexity
gonitro CWE-787
7.8
7.8
2017-02-10 CVE-2016-8711 Unspecified vulnerability in Gonitro Nitro PDF PRO 10.5.5.9/10.5.9.9
A potential remote code execution vulnerability exists in the PDF parsing functionality of Nitro Pro 10.
local
low complexity
gonitro
7.8
7.8
2017-02-10 CVE-2016-8709 Out-of-bounds Write vulnerability in Gonitro Nitro PDF PRO 10.5.5.9/10.5.9.9
A remote out of bound write / memory corruption vulnerability exists in the PDF parsing functionality of Nitro Pro 10.
local
low complexity
gonitro CWE-787
7.8
7.8
2017-02-10 CVE-2017-5954 Deserialization of Untrusted Data vulnerability in Serialize-To-Js Project Serialize-To-Js 0.5.0
An issue was discovered in the serialize-to-js package 0.5.0 for Node.js.
network
low complexity
serialize-to-js-project CWE-502
critical
 9.8
9.8
2017-02-10 CVE-2017-5953 Integer Overflow or Wraparound vulnerability in VIM
vim before patch 8.0.0322 does not properly validate values for tree length when handling a spell file, which may result in an integer overflow at a memory allocation site and a resultant buffer overflow.
network
low complexity
vim CWE-190
critical
 9.8
9.8
2017-02-10 CVE-2017-5945 Cross-site Scripting vulnerability in Poodll Moodle-Filter Poodll
An issue was discovered in the PoodLL Filter plugin through 3.0.20 for Moodle.
network
low complexity
poodll CWE-79
6.1
6.1
2017-02-10 CVE-2017-5942 Cross-site Scripting vulnerability in WP Mail Project WP Mail 1.1
An issue was discovered in the WP Mail plugin before 1.2 for WordPress.
network
low complexity
wp-mail-project CWE-79
6.1
6.1
2017-02-10 CVE-2016-10216 Cross-site Scripting vulnerability in Sivann IT Items Database
An issue was discovered in IT ITems DataBase (ITDB) through 1.23.
network
low complexity
sivann CWE-79
6.1
6.1
2017-02-10 CVE-2016-10215 Cross-site Scripting vulnerability in Fastspot Bigtree-Form-Builder 1.0/1.0.1/1.1
An issue was discovered in Fastspot BigTree bigtree-form-builder before 1.2.
network
low complexity
fastspot CWE-79
6.1
6.1
2017-02-09 CVE-2017-5858 Origin Validation Error vulnerability in Conversejs Converse.Js
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.
network
high complexity
conversejs CWE-346
5.9
5.9