Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-07-17 CVE-2017-9812 Information Exposure vulnerability in Kaspersky Anti-Virus for Linux Server 8.0.3.297
The reportId parameter of the getReportStatus action method can be abused in the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312) to read arbitrary files with kluser privileges.
network
low complexity
kaspersky CWE-200
7.5
2017-07-17 CVE-2017-9810 Cross-Site Request Forgery (CSRF) vulnerability in Kaspersky Anti-Virus for Linux Server 8.0.3.297
There are no Anti-CSRF tokens in any forms on the web interface in Kaspersky Anti-Virus for Linux File Server before Maintenance Pack 2 Critical Fix 4 (version 8.0.4.312).
network
low complexity
kaspersky CWE-352
8.8
2017-07-17 CVE-2017-9671 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Alpinelinux Alpine Linux
A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution, by crafting a malicious APKINDEX.tar.gz file with a bad pax header block.
local
low complexity
alpinelinux CWE-119
7.8
2017-07-17 CVE-2017-9669 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Alpinelinux Alpine Linux
A heap overflow in apk (Alpine Linux's package manager) allows a remote attacker to cause a denial of service, or achieve code execution by crafting a malicious APKINDEX.tar.gz file.
local
low complexity
alpinelinux CWE-119
7.8
2017-07-17 CVE-2017-6744 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
network
low complexity
cisco CWE-119
8.8
2017-07-17 CVE-2017-6743 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
network
low complexity
cisco CWE-119
8.8
2017-07-17 CVE-2017-6742 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
network
low complexity
cisco CWE-119
8.8
2017-07-17 CVE-2017-6741 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS XE
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
network
low complexity
cisco CWE-119
8.8
2017-07-17 CVE-2017-6740 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
network
low complexity
cisco CWE-119
8.8
2017-07-17 CVE-2017-6739 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.2 through 3.17 contains multiple vulnerabilities that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
network
low complexity
cisco CWE-119
8.8