Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-23 | CVE-2017-5553 | Cross-site Scripting vulnerability in B2Evolution Cross-site scripting (XSS) vulnerability in plugins/markdown_plugin/_markdown.plugin.php in b2evolution before 6.8.5 allows remote authenticated users to inject arbitrary web script or HTML via a javascript: URL. | 5.4 |
| 2017-01-23 | CVE-2017-5544 | Resource Exhaustion vulnerability in Fiberhome Fengine S5800 Firmware V210R240 An issue was discovered on FiberHome Fengine S5800 switches V210R240. | 5.9 |
| 2017-01-23 | CVE-2017-5539 | Path Traversal vulnerability in B2Evolution 6.8.4 The patch for directory traversal (CVE-2017-5480) in b2evolution version 6.8.4-stable has a bypass vulnerability. | 9.1 |
| 2017-01-23 | CVE-2016-9870 | LDAP Injection vulnerability in EMC Isilon Onefs EMC Isilon OneFS 8.0.0.0, EMC Isilon OneFS 7.2.1.0 - 7.2.1.2, EMC Isilon OneFS 7.2.0.x, EMC Isilon OneFS 7.1.1.0 - 7.1.1.10, and EMC Isilon OneFS 7.1.0.x is affected by an LDAP injection vulnerability that could potentially be exploited by a malicious user to compromise the system. | 6.7 |
| 2017-01-23 | CVE-2016-8213 | Cross-site Scripting vulnerability in EMC products EMC Documentum WebTop Version 6.8, prior to P18 and Version 6.8.1, prior to P06; and EMC Documentum TaskSpace version 6.7SP3, prior to P02; and EMC Documentum Capital Projects Version 1.9, prior to P30 and Version 1.10, prior to P17; and EMC Documentum Administrator Version 7.0, Version 7.1, and Version 7.2 prior to P18 contain a Stored Cross-Site Scripting Vulnerability that could potentially be exploited by malicious users to compromise the affected system. | 6.1 |
| 2017-01-23 | CVE-2016-10157 | Code Injection vulnerability in Akamai Netsession 1.9.3.1 Akamai NetSession 1.9.3.1 is vulnerable to DLL Hijacking: it tries to load CSUNSAPI.dll without supplying the complete path. | 9.8 |
| 2017-01-23 | CVE-2016-10156 | Permissions, Privileges, and Access Controls vulnerability in Systemd Project Systemd 228 A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local attackers to escalate their privileges to root. | 7.8 |
| 2017-01-23 | CVE-2016-10104 | Inadequate Encryption Strength vulnerability in Hiteksoftware Automize Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. | 5.9 |
| 2017-01-23 | CVE-2016-10103 | Inadequate Encryption Strength vulnerability in Hiteksoftware Automize Information Disclosure can occur in encryptionProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. | 8.1 |
| 2017-01-23 | CVE-2016-10102 | Inadequate Encryption Strength vulnerability in Hiteksoftware Automize hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and Encryption profile passwords. | 8.1 |