Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-07-17 CVE-2017-7683 Information Exposure vulnerability in Apache Openmeetings
Apache OpenMeetings 1.0.0 displays Tomcat version and detailed error stack trace, which is not secure.
network
low complexity
apache CWE-200
7.5
2017-07-17 CVE-2017-7682 Unspecified vulnerability in Apache Openmeetings 3.2.0/3.2.1
Apache OpenMeetings 3.2.0 is vulnerable to parameter manipulation attacks, as a result attacker has access to restricted areas.
network
low complexity
apache
8.2
2017-07-17 CVE-2017-7681 SQL Injection vulnerability in Apache Openmeetings
Apache OpenMeetings 1.0.0 is vulnerable to SQL injection.
network
low complexity
apache CWE-89
8.8
2017-07-17 CVE-2017-7680 Unspecified vulnerability in Apache Openmeetings
Apache OpenMeetings 1.0.0 has an overly permissive crossdomain.xml file.
network
low complexity
apache
7.5
2017-07-17 CVE-2017-7666 Cross-site Scripting vulnerability in Apache Openmeetings
Apache OpenMeetings 1.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) attacks, XSS attacks, click-jacking, and MIME based attacks.
network
low complexity
apache CWE-79
8.8
2017-07-17 CVE-2017-3101 Unspecified vulnerability in Adobe Connect
Adobe Connect versions 9.6.1 and earlier have a clickjacking vulnerability.
network
low complexity
adobe
7.5
2017-07-17 CVE-2017-3099 Out-of-bounds Write vulnerability in Adobe Flash Player and Flash Player Desktop Runtime
Adobe Flash Player versions 26.0.0.131 and earlier have an exploitable memory corruption vulnerability in the Action Script 3 raster data model.
network
low complexity
adobe CWE-787
8.8
2017-07-17 CVE-2017-2349 Command Injection vulnerability in Juniper Junos
A command injection vulnerability in the IDP feature of Juniper Networks Junos OS on SRX series devices potentially allows a user with login access to the device to execute shell commands and elevate privileges.
network
low complexity
juniper CWE-77
8.8
2017-07-17 CVE-2017-2348 Resource Exhaustion vulnerability in Juniper Junos
The Juniper Enhanced jdhcpd daemon may experience high CPU utilization, or crash and restart upon receipt of an invalid IPv6 UDP packet.
network
low complexity
juniper CWE-400
7.5
2017-07-17 CVE-2017-2347 Improper Input Validation vulnerability in Juniper Junos
A denial of service vulnerability in rpd daemon of Juniper Networks Junos OS allows a malformed MPLS ping packet to crash the rpd daemon if MPLS OAM is configured.
network
low complexity
juniper CWE-20
7.5