Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-01-12 CVE-2017-0855 Missing Release of Resource after Effective Lifetime vulnerability in Google Android
In MPEG4Extractor.cpp, there are several places where functions return early without cleaning up internal buffers which could lead to memory leaks.
network
low complexity
google CWE-772
7.5
2018-01-12 CVE-2017-0846 Information Exposure vulnerability in Google Android
An information disclosure vulnerability in the Android framework (clipboardservice).
network
low complexity
google CWE-200
7.5
2018-01-12 CVE-2015-9250 Path Traversal vulnerability in Skyboxsecurity Skybox Platform
An issue was discovered in Skybox Platform before 7.5.201.
network
low complexity
skyboxsecurity CWE-22
7.5
2018-01-12 CVE-2017-16739 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in We-Con Levistudio HMI Editor Firmware 1.8.29
An issue was discovered in WECON Technology LEVI Studio HMI Editor v1.8.29 and prior.
local
low complexity
we-con CWE-119
7.8
2018-01-12 CVE-2017-16737 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in We-Con Levistudio HMI Editor Firmware 1.8.29
An issue was discovered in WECON Technology LEVI Studio HMI Editor v1.8.29 and prior.
local
low complexity
we-con CWE-119
7.8
2018-01-12 CVE-2017-14030 Unquoted Search Path or Element vulnerability in Moxa Mxview
An issue was discovered in Moxa MXview v2.8 and prior.
local
low complexity
moxa CWE-428
7.8
2018-01-12 CVE-2017-16886 Cross-Site Request Forgery (CSRF) vulnerability in Fiberhome Lm53Q1 Firmware Vh519R05C01S38
The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal.
network
low complexity
fiberhome CWE-352
8.8
2018-01-12 CVE-2016-0335 Cross-Site Request Forgery (CSRF) vulnerability in IBM Security Identity Manager
Cross-site request forgery (CSRF) vulnerability in IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors.
network
low complexity
ibm CWE-352
8.8
2018-01-12 CVE-2016-0327 Permissions, Privileges, and Access Controls vulnerability in IBM Security Identity Manager Virtual Appliance
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows local users to gain administrator privileges via unspecified vectors.
local
low complexity
ibm CWE-264
7.8
2018-01-12 CVE-2016-0324 Command Injection vulnerability in IBM Security Identity Manager Virtual Appliance
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows remote authenticated users to execute arbitrary code with administrator privileges via unspecified vectors.
network
low complexity
ibm CWE-77
8.8