Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-15 | CVE-2016-1888 | Improper Authentication vulnerability in Freebsd The telnetd service in FreeBSD 9.3, 10.1, 10.2, 10.3, and 11.0 allows remote attackers to inject arguments to login and bypass authentication via vectors involving a "sequence of memory allocation failures." | 7.5 |
| 2017-02-15 | CVE-2016-1883 | Permissions, Privileges, and Access Controls vulnerability in Freebsd 10.1/10.2/9.3 The issetugid system call in the Linux compatibility layer in FreeBSD 9.3, 10.1, and 10.2 allows local users to gain privilege via unspecified vectors. | 7.8 |
| 2017-02-15 | CVE-2016-1881 | Permissions, Privileges, and Access Controls vulnerability in Freebsd 10.1/10.2/9.3 The kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to cause a denial of service (crash) or potentially gain privilege via a crafted Linux compatibility layer setgroups system call. | 7.8 |
| 2017-02-15 | CVE-2016-1880 | Permissions, Privileges, and Access Controls vulnerability in Freebsd 10.1/10.2/9.3 The Linux compatibility layer in the kernel in FreeBSD 9.3, 10.1, and 10.2 allows local users to read portions of kernel memory and potentially gain privilege via unspecified vectors, related to "handling of Linux futex robust lists." | 7.8 |
| 2017-02-15 | CVE-2016-10089 | Permissions, Privileges, and Access Controls vulnerability in Nagios Nagios 4.3.2 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641. | 7.8 |
| 2017-02-15 | CVE-2015-8979 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Stack-based buffer overflow in the parsePresentationContext function in storescp in DICOM dcmtk-3.6.0 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a long string sent to TCP port 4242. | 7.5 |
| 2017-02-15 | CVE-2013-7459 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Heap-based buffer overflow in the ALGnew function in block_templace.c in Python Cryptography Toolkit (aka pycrypto) allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py. | 9.8 |
| 2017-02-15 | CVE-2017-5991 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in Artifex MuPDF before 1912de5f08e90af1d9d0a9791f58ba3afdb9d465. | 7.5 |
| 2017-02-15 | CVE-2017-5990 | Cross-site Scripting vulnerability in Phreesoft Phreebookserp An issue was discovered in PhreeBooksERP before 2017-02-13. | 6.1 |
| 2017-02-15 | CVE-2017-2996 | Out-of-bounds Write vulnerability in Adobe Flash Player and Flash Player Desktop Runtime Adobe Flash Player versions 24.0.0.194 and earlier have an exploitable memory corruption vulnerability in Primetime SDK. | 8.8 |