Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-10-31 CVE-2017-10953 Improper Input Validation vulnerability in Foxitsoftware Foxit Reader 8.3.0.14878
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878.
network
low complexity
foxitsoftware CWE-20
8.8
8.8
2017-10-31 CVE-2017-10948 Use After Free vulnerability in Foxitsoftware Foxit Reader 8.2.1.6871
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.1.6871.
network
low complexity
foxitsoftware CWE-416
8.8
8.8
2017-10-31 CVE-2017-10947 Use After Free vulnerability in Foxitsoftware Foxit Reader 8.2.1.6871
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.1.6871.
network
low complexity
foxitsoftware CWE-416
8.8
8.8
2017-10-31 CVE-2017-10946 Use After Free vulnerability in Foxitsoftware Foxit Reader 8.2.1.6871
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.1.6871.
network
low complexity
foxitsoftware CWE-416
8.8
8.8
2017-10-31 CVE-2017-10945 Use After Free vulnerability in Foxitsoftware Foxit Reader 8.3.0.14878
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878.
network
low complexity
foxitsoftware CWE-416
8.8
8.8
2017-10-31 CVE-2017-10941 Use After Free vulnerability in Foxitsoftware Foxit Reader 8.3.0.14878
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878.
network
low complexity
foxitsoftware CWE-416
8.8
8.8
2017-10-31 CVE-2017-10940 Unrestricted Upload of File with Dangerous Type vulnerability in Joyent Triton Datacenter
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center prior to [email protected] (e469cf49-4de3-4658-8419-ab42837916ad).
network
low complexity
joyent CWE-434
8.8
8.8
2017-10-31 CVE-2017-15884 Race Condition vulnerability in Hashicorp Vagrant VMWare Fusion 5.0.0
In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.0, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges.
local
high complexity
hashicorp CWE-362
7.0
7.0
2017-10-31 CVE-2017-14163 Session Fixation vulnerability in Mahara
An issue was discovered in Mahara before 15.04.14, 16.x before 16.04.8, 16.10.x before 16.10.5, and 17.x before 17.04.3.
network
low complexity
mahara CWE-384
8.8
8.8
2017-10-31 CVE-2017-1000256 Improper Certificate Validation vulnerability in multiple products
libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default.
network
high complexity
redhat debian CWE-295
8.1
8.1