Vulnerabilities > Ecmwf
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-12-14 | CVE-2017-17515 | Injection vulnerability in multiple products etc/ObjectList in Metview 4.7.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. | 8.8 |
2010-10-20 | CVE-2010-3393 | Unspecified vulnerability in Ecmwf Magics++ 2.10.0 magics-config in Magics++ 2.10.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. local ecmwf | 6.9 |