Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-08-17 CVE-2017-6767 Improper Privilege Management vulnerability in Cisco Application Policy Infrastructure Controller
A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to gain higher privileges than the account is assigned.
network
high complexity
cisco CWE-269
7.1
2017-08-17 CVE-2017-6710 OS Command Injection vulnerability in Cisco Virtual Network Function Element Manager 5.0.3/5.1.3
A vulnerability in the Cisco Virtual Network Function (VNF) Element Manager could allow an authenticated, remote attacker to elevate privileges and run commands in the context of the root user on the server.
network
low complexity
cisco CWE-78
8.1
2017-08-17 CVE-2017-7556 Cross-Site Request Forgery (CSRF) vulnerability in Hawt Hawtio 1.5.3
Hawtio versions up to and including 1.5.3 are vulnerable to CSRF, allowing remote attackers to trick the user into visiting their website containing a malicious script, which can then be submitted to the hawtio server on behalf of the user.
network
low complexity
hawt CWE-352
8.8
2017-08-17 CVE-2017-11662 Out-of-bounds Read vulnerability in Mindwerks Wildmidi 0.4.2
The _WM_ParseNewMidi function in f_midi.c in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file.
network
low complexity
mindwerks CWE-125
7.5
2017-08-17 CVE-2017-11661 Out-of-bounds Read vulnerability in Mindwerks Wildmidi 0.4.2
The _WM_SetupMidiEvent function in internal_midi.c:2318 in WildMIDI 0.4.2 can cause a denial of service (invalid memory read and application crash) via a crafted mid file.
network
low complexity
mindwerks CWE-125
7.5
2017-08-16 CVE-2017-12892 Untrusted Search Path vulnerability in Foxitsoftware PDF Compressor
Foxit PDF Compressor installers from versions 7.0.0.183 to 7.7.2.10 contain a DLL preloading vulnerability, in which the installer can load a malicious DLL located in the installer's current working directory.
local
low complexity
foxitsoftware CWE-426
7.8
2017-08-16 CVE-2017-7548
PostgreSQL versions before 9.4.13, 9.5.8 and 9.6.4 are vulnerable to an authorization flaw allowing remote authenticated attackers with no privileges on a large object to overwrite the entire contents of the object, resulting in a denial of service.
network
low complexity
postgresql debian
7.5
2017-08-16 CVE-2017-7547 Unspecified vulnerability in Postgresql
PostgreSQL versions before 9.2.22, 9.3.18, 9.4.13, 9.5.8 and 9.6.4 are vulnerable to an authorization flaw allowing remote authenticated attackers to retrieve passwords from the user mappings defined by the foreign server owners without actually having the privileges to do so.
network
low complexity
postgresql
8.8
2017-08-16 CVE-2017-8243 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
A buffer overflow can occur in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android when processing a firmware image file.
local
low complexity
google CWE-119
7.8
2017-08-16 CVE-2017-6421 Classic Buffer Overflow vulnerability in Google Android
In the touch controller function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable may be controlled by the user and can lead to a buffer overflow.
low complexity
google CWE-120
8.8