Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-12 | CVE-2016-3149 | Unspecified vulnerability in Barco products Barco ClickShare CSC-1 devices with firmware before 01.09.03 and CSM-1 devices with firmware before 01.06.02 allow remote attackers to execute arbitrary code via unspecified vectors. | 9.8 |
| 2017-01-12 | CVE-2016-10027 | Race Condition vulnerability in multiple products Race condition in the XMPP library in Smack before 4.1.9, when the SecurityMode.required TLS setting has been set, allows man-in-the-middle attackers to bypass TLS protections and trigger use of cleartext for client authentication by stripping the "starttls" feature from a server response. | 5.9 |
| 2017-01-12 | CVE-2015-6501 | Open Redirect vulnerability in Puppet Enterprise Open redirect vulnerability in the Console in Puppet Enterprise before 2015.2.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the string parameter. | 6.1 |
| 2017-01-12 | CVE-2016-8606 | Improper Access Control vulnerability in multiple products The REPL server (--listen) in GNU Guile 2.0.12 allows an attacker to execute arbitrary code via an HTTP inter-protocol attack. | 9.8 |
| 2017-01-12 | CVE-2016-8605 | Permission Issues vulnerability in multiple products The mkdir procedure of GNU Guile temporarily changed the process' umask to zero. | 5.3 |
| 2017-01-12 | CVE-2016-8221 | Permissions, Privileges, and Access Controls vulnerability in Lenovo Xclarity Administrator Privilege Escalation in Lenovo XClarity Administrator earlier than 1.2.0, if LXCA is used to manage rack switches or chassis with embedded input/output modules (IOMs), certain log files viewable by authenticated users may contain passwords for internal administrative LXCA accounts with temporary passwords that are used internally by LXCA code. | 7.0 |
| 2017-01-12 | CVE-2016-7791 | Improper Input Validation vulnerability in Exponentcms Exponent CMS 2.3.9 Exponent CMS 2.3.9 suffers from a remote code execution vulnerability in /install/index.php. | 9.8 |
| 2017-01-12 | CVE-2016-7790 | Improper Input Validation vulnerability in Exponentcms Exponent CMS 2.3.9 Exponent CMS 2.3.9 suffers from a remote code execution vulnerability in /install/index.php. | 9.8 |
| 2017-01-12 | CVE-2017-0404 | Unspecified vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-01-12 | CVE-2017-0403 | Unspecified vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the kernel performance subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |