Vulnerabilities > 7PK - Security Features
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-05-31 | CVE-2016-10552 | 7PK - Security Features vulnerability in Infragistics Igniteui igniteui 0.0.5 and earlier downloads JavaScript and CSS resources over insecure protocol. | 5.8 |
2018-05-29 | CVE-2015-9243 | 7PK - Security Features vulnerability in Hapijs Hapi When server level, connection level or route level CORS configurations in hapi node module before 11.1.4 are combined and when a higher level config included security restrictions (like origin), a higher level config that included security restrictions (like origin) would have those restrictions overridden by less restrictive defaults (e.g. | 4.3 |
2018-04-18 | CVE-2016-10443 | 7PK - Security Features vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, packet replay may be possible. | 4.0 |
2018-04-18 | CVE-2014-10063 | 7PK - Security Features vulnerability in Qualcomm Mdm9625 Firmware and SD 800 Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625 and SD 800, a fuse is not correctly blown on a secure device. | 5.0 |
2018-04-05 | CVE-2018-4863 | 7PK - Security Features vulnerability in Sophos Endpoint Protection 10.7 Sophos Endpoint Protection 10.7 allows local users to bypass an intended tamper protection mechanism by deleting the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Sophos Endpoint Defense\ registry key. | 2.1 |
2018-03-21 | CVE-2016-10717 | 7PK - Security Features vulnerability in Malwarebytes Anti-Malware 2.2.1 A vulnerability in the encryption and permission implementation of Malwarebytes Anti-Malware consumer version 2.2.1 and prior (fixed in 3.0.4) allows an attacker to take control of the whitelisting feature (exclusions.dat under %SYSTEMDRIVE%\ProgramData) to permit execution of unauthorized applications including malware and malicious websites. | 4.6 |
2018-03-09 | CVE-2016-0274 | 7PK - Security Features vulnerability in IBM Financial Transaction Manager IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to conduct clickjacking attacks via a crafted web site. | 3.5 |
2018-02-19 | CVE-2016-9568 | 7PK - Security Features vulnerability in Carbonblack Carbon Black 5.1.1.60603 A security design issue can allow an unprivileged user to interact with the Carbon Black Sensor and perform unauthorized actions. | 10.0 |
2018-02-08 | CVE-2011-4889 | 7PK - Security Features vulnerability in IBM Websphere Application Server The javax.naming.directory.AttributeInUseException class in the Virtual Member Manager in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.43, 7.0 before 7.0.0.21, and 8.0 before 8.0.0.2 does not properly update passwords on a configuration using Tivoli Directory Server, which might allow remote attackers to gain access to an application by leveraging knowledge of an old password. | 7.5 |
2018-02-03 | CVE-2009-5144 | 7PK - Security Features vulnerability in MOD Gnutls Project MOD Gnutls mod-gnutls does not validate client certificates when "GnuTLSClientVerify require" is set in a directory context, which allows remote attackers to spoof clients via a crafted certificate. | 5.0 |