Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-27 | CVE-2016-9453 | Out-of-bounds Write vulnerability in multiple products The t2p_readwrite_pdf_image_tile function in LibTIFF allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly execute arbitrary code via a JPEG file with a TIFFTAG_JPEGTABLES of length one. | 7.8 |
| 2017-01-27 | CVE-2016-9448 | NULL Pointer Dereference vulnerability in multiple products The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by setting the tags TIFF_SETGET_C16ASCII or TIFF_SETGET_C32_ASCII to values that access 0-byte arrays. | 7.5 |
| 2017-01-27 | CVE-2016-8411 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android Buffer overflow vulnerability while processing QMI QOS TLVs. | 9.8 |
| 2017-01-27 | CVE-2016-1551 | 7PK - Security Features vulnerability in multiple products ntpd in NTP 4.2.8p3 and NTPsec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 relies on the underlying operating system to protect it from requests that impersonate reference clocks. | 3.7 |
| 2017-01-27 | CVE-2016-10003 | Incorrect Comparison vulnerability in Squid-Cache Squid Incorrect HTTP Request header comparison in Squid HTTP Proxy 3.5.0.1 through 3.5.22, and 4.0.1 through 4.0.16 results in Collapsed Forwarding feature mistakenly identifying some private responses as being suitable for delivery to multiple clients. | 7.5 |
| 2017-01-27 | CVE-2016-10002 | Information Exposure vulnerability in multiple products Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. | 7.5 |
| 2017-01-27 | CVE-2017-5599 | Cross-site Scripting vulnerability in Eclinicalworks Patient Portal 7.0 An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. | 6.1 |
| 2017-01-27 | CVE-2017-5598 | SQL Injection vulnerability in Eclinicalworks Patient Portal 8.0 An issue was discovered in eClinicalWorks healow@work 8.0 build 8. | 7.5 |
| 2017-01-26 | CVE-2016-9054 | Out-of-bounds Write vulnerability in Aerospike Database Server 3.10.0.3 An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. | 9.8 |
| 2017-01-26 | CVE-2016-9052 | Out-of-bounds Write vulnerability in Aerospike Database Server 3.10.0.3 An exploitable stack-based buffer overflow vulnerability exists in the querying functionality of Aerospike Database Server 3.10.0.3. | 9.8 |