Vulnerabilities > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2017-09-20 | CVE-2015-5607 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products | Cross-site request forgery in the REST API in IPython 2 and 3. | network | low complexity | ipython fedoraproject | CWE-352 | 8.8 |
| 2017-09-20 | CVE-2015-5179 | Improper Input Validation vulnerability in Freeipa | FreeIPA might display user data improperly via vectors involving non-printable characters. | network | low complexity | freeipa | CWE-20 | 7.5 |
| 2017-09-20 | CVE-2015-4075 | Injection vulnerability in Helpdeskpro Helpdesk PRO 1.1.1/1.2.0/1.3.0 | The Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to write to arbitrary .ini files via a crafted language.save task. | network | high complexity | helpdeskpro | CWE-74 | 8.1 |
| 2017-09-20 | CVE-2015-4074 | Path Traversal vulnerability in Helpdesk PRO Project Helpdesk PRO | Directory traversal vulnerability in the Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to read arbitrary files via a .. | network | low complexity | helpdesk-pro-project | CWE-22 | 7.5 |
| 2017-09-20 | CVE-2015-1329 | Use After Free vulnerability in Canonical Ubuntu Linux 14.04/15.04 | Use-after-free vulnerability in oxide::qt::URLRequestDelegatedJob in oxide-qt in Ubuntu 15.04 and 14.04 LTS might allow remote attackers to execute arbitrary code. | network | low complexity | canonical | CWE-416 | 8.8 |
| 2017-09-20 | CVE-2017-8770 | Information Exposure vulnerability in Twsz Wifi Repeater Firmware | There is LFD (local file disclosure) on BE126 WIFI repeater 1.0 devices that allows attackers to read the entire filesystem on the device via a crafted getpage parameter. | network | low complexity | twsz | CWE-200 | 7.5 |
| 2017-09-19 | CVE-2015-4685 | Permissions, Privileges, and Access Controls vulnerability in Polycom Realpresence Resource Manager | Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users with access to the plcm account to gain privileges via a script in /var/polycom/cma/upgrade/scripts, related to a sudo misconfiguration. | local | high complexity | polycom | CWE-264 | 7.0 |
| 2017-09-19 | CVE-2015-4681 | Credentials Management vulnerability in Polycom Realpresence Resource Manager | Polycom RealPresence Resource Manager (aka RPRM) before 8.4 allows local users to have unspecified impact via vectors related to weak passwords. | local | low complexity | polycom | CWE-255 | 7.8 |
| 2017-09-19 | CVE-2017-12837 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Perl | Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a '\N{}' escape and the case-insensitive modifier. | network | low complexity | perl | CWE-119 | 7.5 |
| 2017-09-19 | CVE-2017-14033 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ruby-Lang Ruby | The decode method in the OpenSSL::ASN1 module in Ruby before 2.2.8, 2.3.x before 2.3.5, and 2.4.x through 2.4.1 allows attackers to cause a denial of service (interpreter crash) via a crafted string. | network | low complexity | ruby-lang | CWE-119 | 7.5 |