Vulnerabilities > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-18 | CVE-2016-9679 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Citrix Provisioning Services Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code by overwriting a function pointer. | 9.8 |
| 2017-01-18 | CVE-2016-9678 | Use After Free vulnerability in Citrix Provisioning Services Use-after-free vulnerability in Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code via unspecified vectors. | 9.8 |
| 2017-01-18 | CVE-2016-9676 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Citrix Provisioning Services Buffer overflow in Citrix Provisioning Services before 7.12 allows attackers to execute arbitrary code via unspecified vectors. | 9.8 |
| 2017-01-18 | CVE-2016-3415 | Deserialization of Untrusted Data vulnerability in Synacor Zimbra Collaboration Suite Zimbra Collaboration before 8.7.0 allows remote attackers to conduct deserialization attacks via unspecified vectors, aka bug 102276. | 9.1 |
| 2017-01-18 | CVE-2016-9584 | Use After Free vulnerability in Libical Project Libical libical allows remote attackers to cause a denial of service (use-after-free) and possibly read heap memory via a crafted ics file. | 9.1 |
| 2017-01-18 | CVE-2016-7996 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Graphicsmagick Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries. | 9.8 |
| 2017-01-17 | CVE-2017-5519 | SQL Injection vulnerability in Metalgenix Genixcms SQL injection vulnerability in Posts.class.php in GeniXCMS through 0.0.8 allows remote attackers to execute arbitrary SQL commands via the id parameter. | 9.8 |
| 2017-01-17 | CVE-2017-5517 | SQL Injection vulnerability in Metalgenix Genixcms SQL injection vulnerability in author.control.php in GeniXCMS through 0.0.8 allows remote attackers to execute arbitrary SQL commands via the type parameter. | 9.8 |
| 2017-01-14 | CVE-2016-8205 | Path Traversal vulnerability in Brocade Network Advisor 11.0.0.0/11.0.2.0 A Directory Traversal vulnerability in DashboardFileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed. | 9.8 |
| 2017-01-14 | CVE-2016-8204 | Path Traversal vulnerability in Broadcom Brocade Network Advisor A Directory Traversal vulnerability in FileReceiveServlet in the Brocade Network Advisor versions released prior to and including 14.0.2 could allow remote attackers to upload a malicious file in a section of the file system where it can be executed. | 9.8 |