Vulnerabilities > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2017-10-06 | CVE-2017-13068 | SQL Injection vulnerability in Qnap QTS Helpdesk 1.1.12 | QNAP has already patched this vulnerability. | network | low | qnap | CWE-89 | 7.5 |
| 2017-10-06 | CVE-2017-1002153 | Improper Input Validation vulnerability in Koji Project Koji 1.13.0 | Koji 1.13.0 does not properly validate SCM paths, allowing an attacker to work around blacklisted paths for build submission. | network | low | koji-project | CWE-20 | 7.5 |
| 2017-10-06 | CVE-2015-5246 | 7PK - Security Features vulnerability in Theforeman Foreman 1.9.0 | The LDAP Authentication functionality in Foreman might allow remote attackers with knowledge of old passwords to gain access via vectors involving the password lifetime period in Active Directory. | network | high | theforeman | CWE-254 | 8.1 |
| 2017-10-06 | CVE-2015-2297 | NULL Pointer Dereference vulnerability in Libcsoap Project Libcsoap | nanohttp in libcsoap allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Authorization header. | network | low | libcsoap-project | CWE-476 | 7.5 |
| 2017-10-06 | CVE-2015-2158 | Numeric Errors vulnerability in Pngcrush Project Pngcrush | Off-by-one error in the pngcrush_measure_idat function in pngcrush.c in pngcrush before 1.7.84 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file. | local | low | pngcrush-project | CWE-189 | 7.8 |
| 2017-10-06 | CVE-2014-0047 | Unspecified vulnerability in Docker | Docker before 1.5 allows local users to have unspecified impact via vectors involving unsafe /tmp usage. | local | low | docker | | 7.8 |
| 2017-10-06 | CVE-2017-1000254 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Haxx Libcurl | libcurl may read outside of a heap allocated buffer when doing FTP. | network | low | haxx | CWE-119 | 7.5 |
| 2017-10-06 | CVE-2017-15063 | Cross-Site Request Forgery (CSRF) vulnerability in Intelliants Subrion | There are CSRF vulnerabilities in Subrion CMS 4.1.x through 4.1.5, and before 4.2.0, because of a logic error. | network | low | intelliants | CWE-352 | 8.8 |
| 2017-10-06 | CVE-2017-15056 | NULL Pointer Dereference vulnerability in UPX Project UPX 3.94 | p_lx_elf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted binary file, as demonstrated by an Invalid Pointer Read in PackLinuxElf64::unpack(). | local | low | upx-project | CWE-476 | 7.8 |
| 2017-10-06 | CVE-2017-12730 | Unquoted Search Path or Element vulnerability in Myscada Mypro 7/7.0.26 | An Unquoted Search Path issue was discovered in mySCADA myPRO Versions 7.0.26 and prior. | local | low | myscada | CWE-428 | 7.8 |