Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-31 | CVE-2017-10946 | Use After Free vulnerability in Foxitsoftware Foxit Reader 8.2.1.6871 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.1.6871. | 8.8 |
| 2017-10-31 | CVE-2017-10945 | Use After Free vulnerability in Foxitsoftware Foxit Reader 8.3.0.14878 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. | 8.8 |
| 2017-10-31 | CVE-2017-10941 | Use After Free vulnerability in Foxitsoftware Foxit Reader 8.3.0.14878 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878. | 8.8 |
| 2017-10-31 | CVE-2017-10940 | Unrestricted Upload of File with Dangerous Type vulnerability in Joyent Triton Datacenter This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center prior to [email protected] (e469cf49-4de3-4658-8419-ab42837916ad). | 8.8 |
| 2017-10-31 | CVE-2017-15884 | Race Condition vulnerability in Hashicorp Vagrant VMWare Fusion 5.0.0 In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.0, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges. | 7.0 |
| 2017-10-31 | CVE-2017-14163 | Session Fixation vulnerability in Mahara An issue was discovered in Mahara before 15.04.14, 16.x before 16.04.8, 16.10.x before 16.10.5, and 17.x before 17.04.3. | 8.8 |
| 2017-10-31 | CVE-2017-1000256 | Improper Certificate Validation vulnerability in multiple products libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default. | 8.1 |
| 2017-10-31 | CVE-2017-3935 | Information Exposure vulnerability in Mcafee Network Data Loss Prevention 9.3.0 Network Data Loss Prevention is vulnerable to MIME type sniffing which allows older versions of Internet Explorer to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted and displayed as a content type other than the intended content type. | 7.5 |
| 2017-10-31 | CVE-2017-15950 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Flexense Syncbreeze 10.1.16 Flexense SyncBreeze Enterprise version 10.1.16 is vulnerable to a buffer overflow that can be exploited for arbitrary code execution. | 7.8 |
| 2017-10-30 | CVE-2017-14919 | Improper Input Validation vulnerability in Nodejs Node.Js Node.js before 4.8.5, 6.x before 6.11.5, and 8.x before 8.8.0 allows remote attackers to cause a denial of service (uncaught exception and crash) by leveraging a change in the zlib module 1.2.9 making 8 an invalid value for the windowBits parameter. | 7.5 |