Vulnerabilities > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VECTOR | COMPLEXITY | VENDOR / CWE | RISK |
|---|---|---|---|---|---|---|---|
| 2017-07-10 | CVE-2017-11142 | Resource Exhaustion vulnerability in PHP | In PHP before 5.6.31, 7.x before 7.0.17, and 7.1.x before 7.1.3, remote attackers could cause a CPU consumption denial of service attack by injecting long form variables, related to main/php_variables.c. | network | low complexity | php CWE-400 | 7.5 |
| 2017-07-10 | CVE-2016-10397 | Improper Input Validation vulnerability in PHP | In PHP before 5.6.28 and 7.x before 7.0.13, incorrect handling of various URI components in the URL parser could be used by attackers to bypass hostname-specific URL checks, as demonstrated by evil.example.com:80#@good.example.com/ and evil.example.com:80?@good.example.com/ inputs to the parse_url function (implemented in the php_url_parse_ex function in ext/standard/url.c). | network | low complexity | php CWE-20 | 7.5 |
| 2017-07-09 | CVE-2017-8002 | SQL Injection vulnerability in EMC Data Protection Advisor | EMC Data Protection Advisor prior to 6.4 contains multiple blind SQL injection vulnerabilities. | network | low complexity | emc CWE-89 | 8.8 |
| 2017-07-08 | CVE-2017-11113 | NULL Pointer Dereference vulnerability in GNU Ncurses 6.0 | In ncurses 6.0, there is a NULL Pointer Dereference in the _nc_parse_entry function of tinfo/parse_entry.c. | network | low complexity | gnu CWE-476 | 7.5 |
| 2017-07-08 | CVE-2017-11112 | Improper Input Validation vulnerability in GNU Ncurses 6.0 | In ncurses 6.0, there is an attempted 0xffffffffffffffff access in the append_acs function of tinfo/parse_entry.c. | network | low complexity | gnu CWE-20 | 7.5 |
| 2017-07-08 | CVE-2017-11111 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products | In Netwide Assembler (NASM) 2.14rc0, preproc.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file. | local | low complexity | nasm canonical CWE-119 | 7.8 |
| 2017-07-08 | CVE-2017-11110 | Out-of-bounds Write vulnerability in Fossies Catdoc 0.95 | The ole_init function in ole.c in catdoc 0.95 allows remote attackers to cause a denial of service (heap-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted file, i.e., data is written to memory addresses before the beginning of the tmpBuf buffer. | local | low complexity | fossies CWE-787 | 7.8 |
| 2017-07-08 | CVE-2017-11109 | Use After Free vulnerability in VIM 8.0 | Vim 8.0 allows attackers to cause a denial of service (invalid free) or possibly have unspecified other impact via a crafted source (aka -S) file. | local | low complexity | vim CWE-416 | 7.8 |
| 2017-07-08 | CVE-2017-11108 | Out-of-bounds Read vulnerability in Tcpdump 4.9.0 | tcpdump 4.9.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packet data. | network | low complexity | tcpdump CWE-125 | 7.5 |
| 2017-07-07 | CVE-2017-7660 | Improper Authentication vulnerability in Apache Solr | Apache Solr uses a PKI based mechanism to secure inter-node communication when security is enabled. | network | low complexity | apache CWE-287 | 7.5 |