Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-04-10 | CVE-2015-7273 | XXE vulnerability in Dell Integrated Remote Access Controller Firmware 1.99/2.20.20.20. Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has XXE. | 9.8 |
2017-04-10 | CVE-2015-7272 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dell Integrated Remote Access Controller Firmware 1.99/2.20.20.20. Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via a long SSH username or input. | 9.8 |
2017-04-10 | CVE-2015-7271 | Use of Externally-Controlled Format String vulnerability in Dell Integrated Remote Access Controller Firmware 1.99/2.20.20.20. Dell Integrated Remote Access Controller (iDRAC) 7/8 before 2.21.21.21 has a format string issue in racadm getsystinfo. | 9.8 |
2017-04-10 | CVE-2015-7270 | Path Traversal vulnerability in Dell Integrated Remote Access Controller Firmware 1.99/2.20.20.20. Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows directory traversal. | 7.8 |
2017-04-10 | CVE-2015-7265 | Improper Access Control vulnerability in Proxygen Project Proxygen. Facebook Proxygen before 2015-11-09 mismanages HTTPMessage.request state, which allows remote attackers to conduct hijacking attacks and bypass ACL checks. | 7.5 |
2017-04-10 | CVE-2015-7264 | Injection vulnerability in Proxygen Project Proxygen. The SPDY/2 codec in Facebook Proxygen before 2015-11-09 truncates a certain field to two bytes, which allows hijacking and injection attacks. | 9.8 |
2017-04-10 | CVE-2015-7263 | Improper Access Control vulnerability in Proxygen Project Proxygen. The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote attackers to conduct hijacking attacks and bypass ACL checks via a crafted host value. | 7.5 |
2017-04-10 | CVE-2015-7260 | Permissions, Privileges, and Access Controls vulnerability in Vertiv Liebert Multilink Automated Shutdown 4.2.4. Liebert MultiLink Automated Shutdown v4.2.4 allows local users to gain privileges by replacing the LiebertM executable file. | 7.8 |
2017-04-10 | CVE-2015-6035 | Cross-site Scripting vulnerability in Opsview. Opsview before 2015-11-06 has XSS via SNMP. | 6.1 |
2017-04-10 | CVE-2015-6028 | SQL Injection vulnerability in Castlerock Snmpc 12.1/9.0. Castle Rock Computing SNMPc before 2015-12-17 has SQL injection via the sc parameter. | 8.8 |