Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-18 | CVE-2017-12932 | Use After Free vulnerability in PHP ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. | 7.5 |
| 2017-08-17 | CVE-2017-6790 | Unspecified vulnerability in Cisco Telepresence Video Communication Server A vulnerability in the Session Initiation Protocol (SIP) on the Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the targeted appliance. network cisco | 7.1 |
| 2017-08-17 | CVE-2017-6768 | Untrusted Search Path vulnerability in Cisco Application Policy Infrastructure Controller A vulnerability in the build procedure for certain executable system files installed at boot time on Cisco Application Policy Infrastructure Controller (APIC) devices could allow an authenticated, local attacker to gain root-level privileges. | 7.2 |
| 2017-08-17 | CVE-2017-6710 | OS Command Injection vulnerability in Cisco Virtual Network Function Element Manager A vulnerability in the Cisco Virtual Network Function (VNF) Element Manager could allow an authenticated, remote attacker to elevate privileges and run commands in the context of the root user on the server. | 8.5 |
| 2017-08-17 | CVE-2017-12910 | SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5 SQL injection vulnerability in massmail.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the or parameter. | 7.5 |
| 2017-08-17 | CVE-2017-12909 | SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5 SQL injection vulnerability in modtask.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the userid parameter. | 7.5 |
| 2017-08-17 | CVE-2017-12908 | SQL Injection vulnerability in Nexusphp Project Nexusphp 1.5 SQL injection vulnerability in takeconfirm.php in NexusPHP 1.5 allows remote attackers to execute arbitrary SQL commands via the conusr parameter. | 7.5 |
| 2017-08-17 | CVE-2017-7555 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Augeas Augeas versions up to and including 1.8.0 are vulnerable to heap-based buffer overflow due to improper handling of escaped strings. | 7.5 |
| 2017-08-16 | CVE-2017-7548 | PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service. | 7.5 |
| 2017-08-16 | CVE-2017-7546 | Improper Authentication vulnerability in multiple products PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to incorrect authentication flaw allowing remote attackers to gain access to database accounts with an empty password. | 7.5 |