Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-20 | CVE-2016-4661 | Improper Input Validation vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 5.5 |
| 2017-02-20 | CVE-2016-4660 | Information Exposure vulnerability in Apple products An issue was discovered in certain Apple products. | 7.1 |
| 2017-02-20 | CVE-2016-4617 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 8.8 |
| 2017-02-20 | CVE-2016-4613 | Information Exposure vulnerability in Apple products An issue was discovered in certain Apple products. | 6.5 |
| 2017-02-18 | CVE-2017-6074 | Double Free vulnerability in multiple products The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call. | 7.8 |
| 2017-02-18 | CVE-2017-6001 | Race Condition vulnerability in Linux Kernel Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. | 7.0 |
| 2017-02-18 | CVE-2017-5986 | Reachable Assertion vulnerability in Linux Kernel Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state. | 5.5 |
| 2017-02-17 | CVE-2017-6065 | SQL Injection vulnerability in Metalgenix Genixcms SQL injection vulnerability in inc/lib/Control/Backend/menus.control.php in GeniXCMS through 1.0.2 allows remote authenticated users to execute arbitrary SQL commands via the order parameter. | 8.8 |
| 2017-02-17 | CVE-2017-6055 | XXE vulnerability in Eparaksts Eparakstitajs 3 1.3.0/1.3.8 XML external entity (XXE) vulnerability in eParakstitajs 3 before 1.3.9 and eParaksts Java lib before 2.5.13 allows remote attackers to read arbitrary files or possibly have unspecified other impact via a crafted edoc file. | 7.8 |
| 2017-02-17 | CVE-2016-7511 | Integer Overflow or Wraparound vulnerability in Libdwarf Project Libdwarf 20160613 Integer overflow in the dwarf_die_deliv.c in libdwarf 20160613 allows remote attackers to cause a denial of service (crash) via a crafted file. | 5.5 |