Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-07-20 | CVE-2017-11473 | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table. | 7.8 |
2017-07-20 | CVE-2017-11471 | SQL Injection vulnerability in Idera Uptime Infrastructure Monitor 7.8 IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter. | 7.5 |
2017-07-20 | CVE-2017-11470 | SQL Injection vulnerability in Idera Uptime Infrastructure Monitor 7.8 IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter. | 7.5 |
2017-07-20 | CVE-2017-9765 | Integer Overflow or Wraparound vulnerability in Genivia Gsoap Integer overflow in the soap_get function in Genivia gSOAP 2.7.x and 2.8.x before 2.8.48, as used on Axis cameras and other devices, allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via a large XML document, aka Devil's Ivy. | 8.1 |
2017-07-19 | CVE-2017-11465 | Out-of-bounds Read vulnerability in Ruby-Lang Ruby 2.4.1 The parser_yyerror function in the UTF-8 parser in Ruby 2.4.1 allows attackers to cause a denial of service (invalid write or read) or possibly have unspecified other impact via a crafted Ruby script, related to the parser_tokadd_utf8 function in parse.y. | 7.5 |
2017-07-19 | CVE-2017-11446 | Infinite Loop vulnerability in Imagemagick 7.0.61 The ReadPESImage function in coders\pes.c in ImageMagick 7.0.6-1 has an infinite loop vulnerability that can cause CPU exhaustion via a crafted PES file. | 7.1 |
2017-07-19 | CVE-2017-11445 | SQL Injection vulnerability in Intelliants Subrion CMS Subrion CMS before 4.1.6 has a SQL injection vulnerability in /front/actions.php via the $_POST array. | 7.5 |
2017-07-19 | CVE-2017-11444 | SQL Injection vulnerability in Intelliants Subrion CMS Subrion CMS before 4.1.5.10 has a SQL injection vulnerability in /front/search.php via the $_GET array. | 7.5 |
2017-07-19 | CVE-2017-11436 | Use of Hard-coded Credentials vulnerability in Dlink Dir-615 20.12Ptb01 D-Link DIR-615 before v20.12PTb04 has a second admin account with a 0x1 BACKDOOR value, which might allow remote attackers to obtain access via a TELNET connection. | 7.5 |
2017-07-19 | CVE-2017-11435 | Information Exposure vulnerability in Humaxdigital Hg100R Firmware 2.0.6 The Humax Wi-Fi Router model HG100R-* 2.0.6 is prone to an authentication bypass vulnerability via specially crafted requests to the management console. | 7.5 |