Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-16 | CVE-2017-6079 | Unspecified vulnerability in Ribboncommunications Edgemarc Firmware The HTTP web-management application on Edgewater Networks Edgemarc appliances has a hidden page that allows for user-defined commands such as specific iptables routes, etc., to be set. | 9.8 |
| 2017-05-16 | CVE-2017-3882 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products A vulnerability in the Universal Plug-and-Play (UPnP) implementation in the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, Layer 2-adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition. | 9.6 |
| 2017-05-16 | CVE-2017-6886 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libraw An error within the "parse_tiff_ifd()" function (internal/dcraw_common.cpp) in LibRaw versions before 0.18.2 can be exploited to corrupt memory. | 9.8 |
| 2017-05-16 | CVE-2017-6885 | Unspecified vulnerability in Flexerasoftware Flexnet Manager Suite An error when handling certain external commands and services related to the FlexNet Inventory Agent and FlexNet Beacon of the Flexera Software FlexNet Manager Suite 2017 before 2017 R1 and 2014 R3 through 2016 R1 SP1 can be exploited to gain elevated privileges. | 9.8 |
| 2017-05-16 | CVE-2016-10372 | Permissions, Privileges, and Access Controls vulnerability in EIR D1000 Modem Firmware The Eir D1000 modem does not properly restrict the TR-064 protocol, which allows remote attackers to execute arbitrary commands via TCP port 7547, as demonstrated by opening WAN access to TCP port 80, retrieving the login password (which defaults to the Wi-Fi password), and using the NewNTPServer feature. | 9.8 |
| 2017-05-15 | CVE-2017-6890 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libraw Libraw-Demosaic-Pack-Gpl2 A boundary error within the "foveon_load_camf()" function (dcraw_foveon.c) when initializing a huffman table in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a stack-based buffer overflow. | 9.8 |
| 2017-05-15 | CVE-2017-6889 | Integer Overflow or Wraparound vulnerability in Libraw Libraw-Demosaic-Pack-Gpl2 An integer overflow error within the "foveon_load_camf()" function (dcraw_foveon.c) in LibRaw-demosaic-pack-GPL2 before 0.18.2 can be exploited to cause a heap-based buffer overflow. | 9.8 |
| 2017-05-15 | CVE-2017-0252 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. | 9.8 |
| 2017-05-15 | CVE-2017-0223 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge A remote code execution vulnerability exists in Microsoft Chakra Core in the way JavaScript engines render when handling objects in memory. | 9.8 |
| 2017-05-15 | CVE-2017-7213 | Improper Input Validation vulnerability in Zohocorp Manageengine Desktop Central Zoho ManageEngine Desktop Central before build 100082 allows remote attackers to obtain control over all connected active desktops via unspecified vectors. | 10.0 |