Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-03-02 CVE-2017-7429 Improper Certificate Validation vulnerability in multiple products
The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server.
network
low complexity
netiq microfocus CWE-295
8.8
8.8
2018-03-02 CVE-2017-5189 Improper Authentication vulnerability in Netiq Imanager
NetIQ iManager before 3.0.3 delivered a SSL private key in a Java application (JAR file) for authentication to Sentinel, allowing attackers to extract and establish their own connections to the Sentinel appliance.
network
low complexity
netiq CWE-287
7.5
7.5
2018-03-02 CVE-2015-0796 Link Following vulnerability in Opensuse Open Buildservice
In open buildservice 2.6 before 2.6.3, 2.5 before 2.5.7 and 2.4 before 2.4.8 the source service patch application could generate non-standard files like symlinks or device nodes, which could allow buildservice users to break of confinement or cause denial of service attacks on the source service.
local
low complexity
opensuse CWE-59
7.8
7.8
2018-03-02 CVE-2018-7643 Integer Overflow or Wraparound vulnerability in multiple products
The display_debug_ranges function in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, as demonstrated by objdump.
local
low complexity
gnu redhat CWE-190
7.8
7.8
2018-03-02 CVE-2018-1058 A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users.
network
low complexity
postgresql canonical redhat
8.8
8.8
2018-03-02 CVE-2017-14461 Out-of-bounds Read vulnerability in multiple products
A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service.
network
low complexity
dovecot debian ubuntu CWE-125
7.1
7.1
2018-03-02 CVE-2018-7641 Out-of-bounds Read vulnerability in Cimg .220
An issue was discovered in CImg v.220.
local
low complexity
cimg CWE-125
7.8
7.8
2018-03-02 CVE-2018-7640 Out-of-bounds Read vulnerability in Cimg .220
An issue was discovered in CImg v.220.
local
low complexity
cimg CWE-125
7.8
7.8
2018-03-02 CVE-2018-7639 Out-of-bounds Read vulnerability in Cimg .220
An issue was discovered in CImg v.220.
local
low complexity
cimg CWE-125
7.8
7.8
2018-03-02 CVE-2018-7638 Out-of-bounds Read vulnerability in Cimg .220
An issue was discovered in CImg v.220.
local
low complexity
cimg CWE-125
7.8
7.8