Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-07-17 CVE-2017-10982 Out-of-bounds Read vulnerability in Freeradius
An FR-GV-205 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Buffer over-read in fr_dhcp_decode_options()" and a denial of service.
network
low complexity
freeradius CWE-125
7.5
2017-07-17 CVE-2017-10981 Missing Release of Resource after Effective Lifetime vulnerability in Freeradius
An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in fr_dhcp_decode()" and a denial of service.
network
low complexity
freeradius CWE-772
7.5
2017-07-17 CVE-2017-10980 Missing Release of Resource after Effective Lifetime vulnerability in Freeradius
An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in decode_tlv()" and a denial of service.
network
low complexity
freeradius CWE-772
7.5
2017-07-17 CVE-2017-10978 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An FR-GV-201 issue in FreeRADIUS 2.x before 2.2.10 and 3.x before 3.0.15 allows "Read / write overflow in make_secret()" and a denial of service.
network
low complexity
freeradius debian redhat CWE-119
7.5
2017-07-17 CVE-2017-11367 Out-of-bounds Read vulnerability in Shoco Project Shoco 20170717
The shoco_decompress function in the API in shoco through 2017-07-17 allows remote attackers to cause a denial of service (buffer over-read and application crash) via malformed compressed data.
network
low complexity
shoco-project CWE-125
7.5
2017-07-17 CVE-2017-8004 Improper Input Validation vulnerability in multiple products
The EMC RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance and RSA IMG products (RSA Identity Governance and Lifecycle versions 7.0.1, 7.0.2, all patch levels; RSA Via Lifecycle and Governance version 7.0, all patch levels; RSA Identity Management and Governance (RSA IMG) versions 6.9.1, all patch levels) allow an application administrator to upload arbitrary files that may potentially contain a malicious code.
network
low complexity
emc rsa CWE-20
7.2
2017-07-17 CVE-2017-9951 Unspecified vulnerability in Memcached
The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read.
network
low complexity
memcached
7.5
2017-07-17 CVE-2017-9814 Out-of-bounds Read vulnerability in multiple products
cairo-truetype-subset.c in cairo 1.15.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) because of mishandling of an unexpected malloc(0) call.
network
low complexity
cairographics opensuse CWE-125
7.5
2017-07-17 CVE-2017-7688 Unspecified vulnerability in Apache Openmeetings
Apache OpenMeetings 1.0.0 updates user password in insecure manner.
network
low complexity
apache
7.5
2017-07-17 CVE-2017-7684 Resource Exhaustion vulnerability in Apache Openmeetings
Apache OpenMeetings 1.0.0 doesn't check contents of files being uploaded.
network
low complexity
apache CWE-400
7.5