Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-07-17 | CVE-2017-1000021 | XXE vulnerability in Logicaldoc: LogicalDoc Community Edition 7.5.3 and prior is vulnerable to XXE when indexing XML documents. | 8.8 |
2017-07-17 | CVE-2017-1000018 | Improper Input Validation vulnerability in PHPmyadmin: phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a DoS attack in the replication status by using a specially crafted table name. | 7.5 |
2017-07-17 | CVE-2017-1000017 | Server-Side Request Forgery (SSRF) vulnerability in PHPmyadmin: phpMyAdmin 4.0, 4.4 and 4.6 are vulnerable to a weakness where a user with appropriate permissions is able to connect to an arbitrary MySQL server. | 8.8 |
2017-07-17 | CVE-2017-1000016 | Improper Input Validation vulnerability in PHPmyadmin: A weakness was discovered where an attacker can inject arbitrary values into the browser cookies. | 7.5 |
2017-07-17 | CVE-2017-1000014 | Improper Input Validation vulnerability in PHPmyadmin: phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a DoS weakness in the table editing functionality. | 7.5 |
2017-07-17 | CVE-2017-1000010 | Uncontrolled Search Path Element vulnerability in Audacityteam Audacity: Audacity 2.1.2 through 2.3.2 is vulnerable to DLL hijacking in the avformat-55.dll, resulting in arbitrary code execution. | 7.8 |
2017-07-17 | CVE-2017-1000008 | Cross-Site Request Forgery (CSRF) vulnerability in Chyrp-Lite Project Chyrp Lite 2016.04: Chyrp Lite version 2016.04 is vulnerable to a CSRF in the user settings function, allowing attackers to hijack the authentication of logged-in users to modify account information, including their password. | 8.8 |
2017-07-17 | CVE-2017-1000001 | Improper Input Validation vulnerability in Fedoraproject Fedmsg: FedMsg 0.18.1 and older is vulnerable to a message validation flaw resulting in message validation not being enabled if configured to be on. | 7.5 |
2017-07-17 | CVE-2017-0152 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge: A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. | 8.1 |
2017-07-17 | CVE-2016-4996 | Credentials Management vulnerability in Redhat Satellite 6.3: discovery-debug in Foreman before 6.2, when the ssh service has been enabled on discovered nodes, displays the root password in plaintext in the system journal when used to log in, which allows local users with access to the system journal to obtain the root password by reading the system journal, or by clicking Logs on the console. | 7.0 |