Vulnerabilities > 7PK - Security Features

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
| --- | --- | --- | --- | --- |
| 2019-05-10 | CVE-2019-5495 | 7PK - Security Features vulnerability in Netapp Oncommand Unified Manager | OnCommand Unified Manager for VMware vSphere, Linux and Windows prior to 9.5 shipped without certain HTTP security headers configured, which could allow an attacker to obtain sensitive information via unspecified vectors. | network, low complexity, netapp CWE-254, 5.0 |
| 2019-05-06 | CVE-2019-10249 | 7PK - Security Features vulnerability in Eclipse Xtend and Xtext | All Xtext & Xtend versions prior to 2.18.0 were built using HTTP instead of HTTPS file transfer and thus the built artifacts may have been compromised. | network, eclipse CWE-254, 6.8 |
| 2019-05-01 | CVE-2019-11636 | 7PK - Security Features vulnerability in Z.Cash Zcash | Zcash 2.x allows an inexpensive approach to "fill all transactions of all blocks" and "prevent any real transaction from occurring" via a "Sapling Wood-Chipper" attack. | network, low complexity, z-cash CWE-254, 5.0 |
| 2019-04-22 | CVE-2016-1585 | 7PK - Security Features vulnerability in Canonical Apparmor | In all versions of AppArmor, mount rules are accidentally widened when compiled. | network, low complexity, canonical CWE-254, critical, 9.8 |
| 2019-04-22 | CVE-2014-1428 | 7PK - Security Features vulnerability in Canonical Metal AS A Service 1.9.0/1.9.1 | A vulnerability in generate_filestorage_key of Ubuntu MAAS allows an attacker to brute-force filenames. | network, low complexity, canonical CWE-254, 5.0 |
| 2019-04-22 | CVE-2011-3145 | 7PK - Security Features vulnerability in Mount.Ecrpytfs Private Project Mount.Ecrpytfs Private | When mount.ecrpytfs_private before version 87-0ubuntu1.2 calls setreuid() it doesn't also set the effective group id. | network, low complexity, mount-ecrpytfs-private-project CWE-254, 7.5 |
| 2019-04-18 | CVE-2016-10746 | 7PK - Security Features vulnerability in multiple products | libvirt-domain.c in libvirt before 1.3.1 supports virDomainGetTime API calls by guest agents with an RO connection, even though an RW connection was supposed to be required, a different vulnerability than CVE-2019-3886. | network, low complexity, redhat debian CWE-254, 5.0 |
| 2019-04-10 | CVE-2019-0041 | 7PK - Security Features vulnerability in Juniper Junos 18.2 | On EX4300-MP Series devices with any lo0 filters applied, transit network traffic may reach the control plane via loopback interface (lo0). | network, low complexity, juniper CWE-254, 5.0 |
| 2019-04-07 | CVE-2019-10741 | 7PK - Security Features vulnerability in K-9 Mail Project K-9 Mail 5.600 | K-9 Mail v5.600 can include the original quoted HTML code of a specially crafted, benign-looking email within (digitally signed) reply messages. | 4.3 |
| 2019-03-27 | CVE-2017-2752 | 7PK - Security Features vulnerability in HP Tommy Hilfiger Th24/7 | A potential security vulnerability caused by incomplete obfuscation of application configuration information was discovered in Tommy Hilfiger TH24/7 Android app versions 2.0.0.11, 2.0.1.14, 2.1.0.16, and 2.2.0.19. | local, low complexity, hp CWE-254, 2.1 |