Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-03 | CVE-2016-10220 | NULL Pointer Dereference vulnerability in Artifex Ghostscript 9.20 The gs_makewordimagedevice function in base/gsdevmem.c in Artifex Software, Inc. | 5.5 |
| 2017-04-03 | CVE-2016-10219 | Divide By Zero vulnerability in Artifex Ghostscript 9.20 The intersect function in base/gxfill.c in Artifex Software, Inc. | 5.5 |
| 2017-04-03 | CVE-2016-10218 | NULL Pointer Dereference vulnerability in Artifex Ghostscript 9.20 The pdf14_pop_transparency_group function in base/gdevp14.c in the PDF Transparency module in Artifex Software, Inc. | 5.5 |
| 2017-04-03 | CVE-2016-10217 | Use After Free vulnerability in Artifex Ghostscript 9.20 The pdf14_open function in base/gdevp14.c in Artifex Software, Inc. | 5.5 |
| 2017-04-03 | CVE-2016-10211 | Use After Free vulnerability in Virustotal Yara 3.5.0 libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_parser_lookup_loop_variable function. | 7.5 |
| 2017-04-03 | CVE-2016-10210 | NULL Pointer Dereference vulnerability in Virustotal Yara 3.5.0 libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is mishandled in the yy_get_next_buffer function. | 7.5 |
| 2017-04-03 | CVE-2016-10209 | NULL Pointer Dereference vulnerability in Libarchive 3.2.2 The archive_wstring_append_from_mbs function in archive_string.c in libarchive 3.2.2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive file. | 5.5 |
| 2017-04-03 | CVE-2017-1001000 | Unspecified vulnerability in Wordpress 4.7/4.7.1/4.7.2 The register_routes function in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php in the REST API in WordPress 4.7.x before 4.7.2 does not require an integer identifier, which allows remote attackers to modify arbitrary pages via a request for wp-json/wp/v2/posts followed by a numeric value and a non-numeric value, as demonstrated by the wp-json/wp/v2/posts/123?id=123helloworld URI. | 7.5 |
| 2017-04-02 | CVE-2016-8803 | Permissions, Privileges, and Access Controls vulnerability in Huawei Fusionstorage V100R003C30U1 The maintenance module in Huawei FusionStorage V100R003C30U1 allows attackers to create documents according to special rules to obtain the OS root privilege of FusionStorage. | 7.5 |
| 2017-04-02 | CVE-2016-8802 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei products The security policy processing module in Huawei Secospace USG6300 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6500 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200; Secospace USG6600 with software V500R001C20SPC100, V500R001C20SPC101, V500R001C20SPC200 allows authenticated attackers to setup a specific security policy into the devices, causing a buffer overflow and crashing the system. | 6.5 |