Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-27 | CVE-2016-10003 | Incorrect Comparison vulnerability in Squid-Cache Squid Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients. | 7.5 |
| 2017-01-27 | CVE-2016-10002 | Information Exposure vulnerability in multiple products Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. | 7.5 |
| 2017-01-27 | CVE-2017-5599 | Cross-site Scripting vulnerability in Eclinicalworks Patient Portal 7.0 An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. | 6.1 |
| 2017-01-27 | CVE-2017-5598 | SQL Injection vulnerability in Eclinicalworks Patient Portal 8.0 An issue was discovered in eClinicalWorks healow@work 8.0 build 8. | 7.5 |
| 2017-01-26 | CVE-2016-9054 | Out-of-bounds Write vulnerability in Aerospike Database Server 3.10.0.3 An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. | 9.8 |
| 2017-01-26 | CVE-2016-9052 | Out-of-bounds Write vulnerability in Aerospike Database Server 3.10.0.3 An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. | 9.8 |
| 2017-01-26 | CVE-2016-9050 | Out-of-bounds Read vulnerability in Aerospike Database Server 3.10.0.3 An exploitable out-of-bounds read vulnerability exists in the client message-parsing functionality of Aerospike Database Server 3.10.0.3. | 8.2 |
| 2017-01-26 | CVE-2016-8710 | Out-of-bounds Write vulnerability in Libbpg Project Libbpg 0.9.4/0.9.7 An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. | 7.8 |
| 2017-01-26 | CVE-2016-8227 | Improper Access Control vulnerability in Lenovo Transition Privilege escalation vulnerability in Lenovo Transition application used in Lenovo Yoga, Flex and Miix systems running Windows allows local users to execute code with elevated privileges. | 7.8 |
| 2017-01-26 | CVE-2016-8226 | Data Processing Errors vulnerability in Lenovo products The BIOS in Lenovo System X M5, M6, and X6 systems allows administrators to cause a denial of service via updating a UEFI data structure. | 4.9 |