Vulnerabilities > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | TAGS | RISK |
|---|---|---|---|---|---|
| 2018-02-07 | CVE-2018-1366 | Unspecified vulnerability in IBM Content Navigator | IBM Content Navigator 2.0 and 3.0 is vulnerable to Comma Separated Value (CSV) Injection. | local, low complexity, ibm | 7.8 |
| 2018-02-07 | CVE-2017-17552 | Cross-Site Request Forgery (CSRF) vulnerability in Zohocorp Manageengine Admanager Plus | /LoadFrame in Zoho ManageEngine AD Manager Plus build 6590 - 6613 allows attackers to conduct URL Redirection attacks via the src parameter, resulting in a bypass of CSRF protection, or potentially masquerading a malicious URL as trusted. | network, low complexity, zohocorp, CWE-352 | 8.8 |
| 2018-02-07 | CVE-2017-1692 | Unspecified vulnerability in IBM AIX | IBM AIX 5.3, 6.1, 7.1, and 7.2 contains an unspecified vulnerability that would allow a locally authenticated user to obtain root level privileges. | local, low complexity, ibm | 7.8 |
| 2018-02-07 | CVE-2017-12473 | Improper Input Validation vulnerability in Ccn-Lite | ccnl_ccntlv_bytes2pkt in CCN-lite allows context-dependent attackers to cause a denial of service (application crash) via vectors involving packets with "wrong L values." | network, low complexity, ccn-lite, CWE-20 | 7.5 |
| 2018-02-07 | CVE-2017-12467 | Missing Release of Resource after Effective Lifetime vulnerability in Ccn-Lite | Memory leak in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service (memory consumption) by leveraging failure to allocate memory for the comp or complen structure member. | network, low complexity, ccn-lite, CWE-772 | 7.5 |
| 2018-02-07 | CVE-2017-12464 | NULL Pointer Dereference vulnerability in Ccn-Lite | ccn-lite-valid.c in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via vectors involving the keyfile variable. | network, low complexity, ccn-lite, CWE-476 | 7.5 |
| 2018-02-07 | CVE-2017-12463 | Missing Release of Resource after Effective Lifetime vulnerability in Ccn-Lite | Memory leak in the ccnl_app_RX function in ccnl-uapi.c in CCN-lite before 2.00 allows context-dependent attackers to cause a denial of service (memory consumption) via vectors involving an envelope_s structure pointer when the packet format is unknown. | network, low complexity, ccn-lite, CWE-772 | 7.5 |
| 2018-02-07 | CVE-2017-12412 | Infinite Loop vulnerability in Ccn-Lite | ccn-lite-ccnb2xml in CCN-lite before 2.0.0 allows context-dependent attackers to have unspecified impact via a crafted file, which triggers infinite recursion and a stack overflow. | local, low complexity, ccn-lite, CWE-835 | 7.8 |
| 2018-02-07 | CVE-2016-6169 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Foxitsoftware Foxit Reader | Heap-based buffer overflow in Foxit Reader and PhantomPDF 7.3.4.311 and earlier on Windows allows remote attackers to cause a denial of service (memory corruption and application crash) or potentially execute arbitrary code via the Bezier data in a crafted PDF file. | local, low complexity, foxitsoftware, CWE-119 | 7.8 |
| 2018-02-07 | CVE-2016-6168 | Use After Free vulnerability in Foxitsoftware Foxit Reader | Use-after-free vulnerability in Foxit Reader and PhantomPDF 7.3.4.311 and earlier on Windows allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a crafted PDF file. | local, low complexity, foxitsoftware, CWE-416 | 7.8 |