Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2017-01-25 CVE-2017-5596 Infinite Loop vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark CWE-835
7.5
2017-01-25 CVE-2016-9307 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autodesk FBX Software Development KIT
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed 3DS format files.
network
low complexity
autodesk CWE-119
critical
9.8
2017-01-25 CVE-2016-9306 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autodesk FBX Software Development KIT
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DAE format files.
network
low complexity
autodesk CWE-119
critical
9.8
2017-01-25 CVE-2016-9305 Data Processing Errors vulnerability in Autodesk FBX Software Development KIT
Improper handling in the Autodesk FBX-SDK before 2017.1 of type mismatches and previously deleted objects related to reading and converting malformed FBX format files can allow attackers to gain access to uninitialized pointers.
network
low complexity
autodesk CWE-19
critical
9.8
2017-01-25 CVE-2016-9304 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autodesk FBX Software Development KIT
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DFX format files.
network
low complexity
autodesk CWE-119
8.8
2017-01-25 CVE-2016-9303 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autodesk FBX Software Development KIT
Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code or cause an infinite loop condition when reading or converting malformed FBX format files.
network
low complexity
autodesk CWE-119
critical
9.8
2017-01-25 CVE-2017-5594 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Pagekit
An issue was discovered in Pagekit CMS before 1.0.11.
network
high complexity
pagekit CWE-640
7.5
2017-01-25 CVE-2016-8215 Cross-site Scripting vulnerability in EMC RSA Security Analytics
EMC RSA Security Analytics 10.5.3 and 10.6.2 contains fixes for a Reflected Cross-Site Scripting vulnerability that could potentially be exploited by malicious users to compromise the affected system.
network
low complexity
emc CWE-79
6.1
2017-01-25 CVE-2016-8214 Permission Issues vulnerability in EMC Avamar Data Store and Avamar Virtual Edition
EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) versions 7.3.0 and 7.3.1 contain a vulnerability that may allow malicious administrators to compromise Avamar servers.
local
low complexity
emc CWE-275
6.7
2017-01-24 CVE-2016-10162 NULL Pointer Dereference vulnerability in PHP
The php_wddx_pop_element function in ext/wddx/wddx.c in PHP 7.0.x before 7.0.15 and 7.1.x before 7.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an inapplicable class name in a wddxPacket XML document, leading to mishandling in a wddx_deserialize call.
network
low complexity
php CWE-476
7.5