Vulnerabilities > 7PK - Security Features
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-11 | CVE-2016-9900 | 7PK - Security Features vulnerability in multiple products External resources that should be blocked when loaded by SVG images can bypass security restrictions through the use of "data:" URLs. | 7.5 |
| 2018-06-11 | CVE-2016-9895 | 7PK - Security Features vulnerability in multiple products Event handlers on "marquee" elements were executed despite a strict Content Security Policy (CSP) that disallowed inline JavaScript. | 6.1 |
| 2018-06-11 | CVE-2016-9072 | 7PK - Security Features vulnerability in Mozilla Firefox When a new Firefox profile is created on 64-bit Windows installations, the sandbox for 64-bit NPAPI plugins is not enabled by default. | 7.5 |
| 2018-06-11 | CVE-2016-9071 | 7PK - Security Features vulnerability in Mozilla Firefox Content Security Policy combined with HTTP to HTTPS redirection can be used by malicious server to verify whether a known site is within a user's browser history. | 5.3 |
| 2018-05-31 | CVE-2016-10552 | 7PK - Security Features vulnerability in Infragistics Igniteui igniteui 0.0.5 and earlier downloads JavaScript and CSS resources over insecure protocol. | 7.4 |
| 2018-05-29 | CVE-2015-9243 | 7PK - Security Features vulnerability in Hapijs Hapi When server level, connection level or route level CORS configurations in hapi node module before 11.1.4 are combined and when a higher level config included security restrictions (like origin), a higher level config that included security restrictions (like origin) would have those restrictions overridden by less restrictive defaults (e.g. | 5.9 |
| 2018-04-18 | CVE-2016-10443 | 7PK - Security Features vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, packet replay may be possible. | 6.8 |
| 2018-04-18 | CVE-2014-10063 | 7PK - Security Features vulnerability in Qualcomm Mdm9625 Firmware and SD 800 Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625 and SD 800, a fuse is not correctly blown on a secure device. | 7.5 |
| 2018-04-05 | CVE-2018-4863 | 7PK - Security Features vulnerability in Sophos Endpoint Protection 10.7 Sophos Endpoint Protection 10.7 allows local users to bypass an intended tamper protection mechanism by deleting the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Sophos Endpoint Defense\ registry key. | 5.5 |
| 2018-03-21 | CVE-2016-10717 | 7PK - Security Features vulnerability in Malwarebytes Anti-Malware 2.2.1 A vulnerability in the encryption and permission implementation of Malwarebytes Anti-Malware consumer version 2.2.1 and prior (fixed in 3.0.4) allows an attacker to take control of the whitelisting feature (exclusions.dat under %SYSTEMDRIVE%\ProgramData) to permit execution of unauthorized applications including malware and malicious websites. | 7.8 |