Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK

2017-08-30 CVE-2017-13763 Allocation of Resources Without Limits or Throttling vulnerability in Onosproject Onos 1.10.0/1.8.0/1.9.0
ONOS versions 1.8.0, 1.9.0, and 1.10.0 do not restrict the amount of memory allocated.
network, low complexity, onosproject, CWE-770, 7.5

2017-08-29 CVE-2017-0379 Information Exposure vulnerability in multiple products
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c.
network, low complexity, gnupg, debian, CWE-200, 7.5

2017-08-29 CVE-2017-3154 Information Exposure vulnerability in Apache Atlas 0.6.0/0.7.0
Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack trace, exposing excessive information.
network, low complexity, apache, CWE-200, 7.5

2017-08-29 CVE-2016-8752 Improper Access Control vulnerability in Apache Atlas 0.6.0/0.7.0/0.7.1
Apache Atlas versions 0.6.0 (incubating), 0.7.0 (incubating), and 0.7.1 (incubating) allow access to the webapp directory contents by pointing to URIs like /js and /img.
network, low complexity, apache, CWE-284, 7.5

2017-08-29 CVE-2014-9497 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mpg123
Buffer overflow in mpg123 before 1.18.0.
network, low complexity, mpg123, CWE-119, 7.5

2017-08-29 CVE-2013-7432 Permissions, Privileges, and Access Controls vulnerability in Mapsplugin Googlemaps 3.0
The Googlemaps plugin before 3.1 for Joomla! allows remote attackers to bypass an intended protection mechanism.
network, low complexity, mapsplugin, CWE-264, 7.5

2017-08-29 CVE-2016-2972 Credentials Management vulnerability in IBM Sametime
IBM Sametime Meeting Server 8.5.2 and 9.0 could store credentials of the Sametime Meetings user in the local cache of their browser which could be accessed by a local user.
local, low complexity, ibm, CWE-255, 7.8

2017-08-29 CVE-2017-12775 Improper Input Validation vulnerability in Question2Answer
qa-include/qa-install.php in Question2Answer before 1.7.5 allows remote attackers to create multiple user accounts.
network, low complexity, question2answer, CWE-20, 7.5

2017-08-29 CVE-2017-12763 Incorrect Default Permissions vulnerability in Nomachine
An unspecified server utility in NoMachine before 5.3.10 on Mac OS X and Linux allows authenticated users to gain privileges by gaining access to local files.
network, low complexity, nomachine, CWE-276, 8.8

2017-08-29 CVE-2017-11455 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
diag.cgi in Pulse Connect Secure 8.2R1 through 8.2R5, 8.1R1 through 8.1R10 and Pulse Policy Secure 5.3R1 through 5.3R5, 5.2R1 through 5.2R8, and 5.1R1 through 5.1R10 allow remote attackers to hijack the authentication of administrators for requests to start tcpdump, related to the lack of anti-CSRF tokens.
network, low complexity, pulsesecure, ivanti, CWE-352, 8.8