Vulnerabilities > 7PK - Security Features
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-09 | CVE-2016-0274 | 7PK - Security Features vulnerability in IBM Financial Transaction Manager IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to conduct clickjacking attacks via a crafted web site. | 5.4 |
| 2018-02-19 | CVE-2016-9568 | 7PK - Security Features vulnerability in Carbonblack Carbon Black 5.1.1.60603 A security design issue can allow an unprivileged user to interact with the Carbon Black Sensor and perform unauthorized actions. | 9.8 |
| 2018-02-08 | CVE-2011-4889 | 7PK - Security Features vulnerability in IBM Websphere Application Server The javax.naming.directory.AttributeInUseException class in the Virtual Member Manager in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.43, 7.0 before 7.0.0.21, and 8.0 before 8.0.0.2 does not properly update passwords on a configuration using Tivoli Directory Server, which might allow remote attackers to gain access to an application by leveraging knowledge of an old password. | 9.8 |
| 2018-02-03 | CVE-2009-5144 | 7PK - Security Features vulnerability in MOD Gnutls Project MOD Gnutls mod-gnutls does not validate client certificates when "GnuTLSClientVerify require" is set in a directory context, which allows remote attackers to spoof clients via a crafted certificate. | 7.5 |
| 2018-01-23 | CVE-2015-1142857 | 7PK - Security Features vulnerability in multiple products On multiple SR-IOV cars it is possible for VF's assigned to guests to send ethernet flow control pause frames via the PF. | 8.6 |
| 2018-01-12 | CVE-2016-0332 | 7PK - Security Features vulnerability in IBM Security Identity Manager Virtual Appliance IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 do not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach. | 9.8 |
| 2018-01-08 | CVE-2014-5334 | 7PK - Security Features vulnerability in Freenas FreeNAS before 9.3-M3 has a blank admin password, which allows remote attackers to gain root privileges by leveraging a WebGui login. | 9.8 |
| 2017-11-30 | CVE-2017-1000406 | 7PK - Security Features vulnerability in Opendaylight Karaf 0.6.1Carbon OpenDaylight Karaf 0.6.1-Carbon fails to clear the cache after a password change, allowing the old password to be used until the Karaf cache is manually cleared (e.g. | 7.5 |
| 2017-11-27 | CVE-2015-7269 | 7PK - Security Features vulnerability in Seagate St500Lt015 Firmware Seagate ST500LT015 hard disk drives, when operating in eDrive mode on Lenovo ThinkPad W541 laptops with BIOS 2.21, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by attaching a second SATA connector to exposed pins, maintaining an alternate power source, and attaching the data cable to another machine, aka a "Hot Unplug Attack." | 4.2 |
| 2017-11-27 | CVE-2015-7268 | 7PK - Security Features vulnerability in multiple products Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when used on Windows and operating in Opal mode on Lenovo ThinkPad T440s laptops with BIOS 2.32 or ThinkPad W541 laptops with BIOS 2.21, or in Opal or eDrive mode on Dell Latitude E6410 laptops with BIOS A16 or Latitude E6430 laptops with BIOS A16, allow physically proximate attackers to bypass self-encrypting drive (SED) protection by triggering a soft reset and booting from an alternative OS, aka a "Forced Restart Attack." | 4.2 |