Vulnerabilities > Revive Adserver > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-28 | CVE-2016-9470 | 7PK - Security Features vulnerability in Revive-Adserver Revive Adserver Revive Adserver before 3.2.5 and 4.0.0 suffers from Reflected File Download. | 9.0 |
| 2017-03-28 | CVE-2016-9125 | Session Fixation vulnerability in Revive-Adserver Revive Adserver Revive Adserver before 3.2.3 suffers from session fixation, by allowing arbitrary session identifiers to be forced and, at the same time, by not invalidating the existing session upon a successful authentication. | 9.8 |
| 2017-03-28 | CVE-2016-9124 | Improper Authentication vulnerability in Revive-Adserver Revive Adserver Revive Adserver before 3.2.3 suffers from Improper Restriction of Excessive Authentication Attempts. | 9.8 |
| 2017-03-03 | CVE-2017-5830 | Deserialization of Untrusted Data vulnerability in Revive-Adserver Revive Adserver Revive Adserver before 4.0.1 allows remote attackers to execute arbitrary code via serialized data in the cookies related to the delivery scripts. | 9.8 |