Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-05 | CVE-2017-12106 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Pl32 Photoline 20.02 A memory corruption vulnerability exists in the .TGA parsing functionality of Computerinsel Photoline 20.02. | 7.8 |
| 2017-10-05 | CVE-2017-1378 | Insufficiently Protected Credentials vulnerability in IBM Tivoli Storage Manager IBM Spectrum Protect 7.1 and 8.1 (formerly Tivoli Storage Manager) disclosed unencrypted login credentials to Vmware vCenter in the application trace output which could be obtained by a local user. | 7.8 |
| 2017-10-05 | CVE-2017-1201 | Insufficiently Protected Credentials vulnerability in IBM Bigfix Security Compliance Analytics 1.9.79 IBM BigFix Compliance Analytics 1.9.79 (TEMA SUAv1 SCA SCM) stores user credentials in clear text which can be read by a local user. | 7.8 |
| 2017-10-05 | CVE-2017-14353 | Code Injection vulnerability in HP Ucmdb Foundation Software A remote code execution vulnerability in HP UCMDB Foundation Software versions 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, and 10.33, could be remotely exploited to allow code execution. | 8.8 |
| 2017-10-05 | CVE-2017-15037 | Out-of-bounds Read vulnerability in Freebsd In FreeBSD through 11.1, the smb_strdupin function in sys/netsmb/smb_subr.c has a race condition with a resultant out-of-bounds read, because it can cause t2p->t_name strings to lack a final '\0' character. | 8.1 |
| 2017-10-05 | CVE-2017-15035 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Emtec Pyrobatchftp EmTec PyroBatchFTP before 3.18 allows remote servers to cause a denial of service (application crash). | 7.5 |
| 2017-10-05 | CVE-2017-15033 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c. | 7.5 |
| 2017-10-05 | CVE-2017-12270 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS XR A vulnerability in the gRPC code of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the emsd service stops. | 7.5 |
| 2017-10-05 | CVE-2017-12263 | Path Traversal vulnerability in Cisco License Manager 3.2.6 A vulnerability in the web interface of Cisco License Manager software could allow an unauthenticated, remote attacker to download and view files within the application that should be restricted, aka Directory Traversal. | 7.5 |
| 2017-10-05 | CVE-2017-12246 | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software 9.4(3)/9.7(1)/9.8(0.56) A vulnerability in the implementation of the direct authentication feature in Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. | 8.6 |