Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-10-22 CVE-2017-11292 Type Confusion vulnerability in multiple products
Adobe Flash Player version 27.0.0.159 and earlier has a flawed bytecode verification procedure, which allows for an untrusted value to be used in the calculation of an array index.
network
low complexity
adobe redhat CWE-843
8.8
8.8
2017-10-22 CVE-2017-15735 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for modifying a glossary.
network
low complexity
phpmyfaq CWE-352
8.8
8.8
2017-10-22 CVE-2017-15734 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.main.php.
network
low complexity
phpmyfaq CWE-352
8.8
8.8
2017-10-22 CVE-2017-15733 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/ajax.attachment.php and admin/att.main.php.
network
low complexity
phpmyfaq CWE-352
8.8
8.8
2017-10-22 CVE-2017-15732 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/news.php.
network
low complexity
phpmyfaq CWE-352
8.8
8.8
2017-10-22 CVE-2017-15731 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.adminlog.php.
network
low complexity
phpmyfaq CWE-352
8.8
8.8
2017-10-22 CVE-2017-15730 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) in admin/stat.ratings.php.
network
low complexity
phpmyfaq CWE-352
8.8
8.8
2017-10-22 CVE-2017-15729 Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq
In phpMyFAQ before 2.9.9, there is Cross-Site Request Forgery (CSRF) for adding a glossary.
network
low complexity
phpmyfaq CWE-352
8.8
8.8
2017-10-22 CVE-2015-5699 Permissions, Privileges, and Access Controls vulnerability in Cumulusnetworks Cumulus Linux 2.5.3
The Switch Configuration Tools Backend (clcmd_server) in Cumulus Linux 2.5.3 and earlier allows local users to execute arbitrary commands via shell metacharacters in a cl-rctl command label.
local
low complexity
cumulusnetworks CWE-264
7.8
7.8
2017-10-22 CVE-2015-5177 Double Free vulnerability in multiple products
Double free vulnerability in the SLPDKnownDAAdd function in slpd/slpd_knownda.c in OpenSLP 1.2.1 allows remote attackers to cause a denial of service (crash) via a crafted package.
network
low complexity
openslp debian CWE-415
7.5
7.5