Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-26 | CVE-2017-7496 | Improper Handling of Exceptional Conditions vulnerability in Fedoraproject ARM Installer 1.99.16 fedora-arm-installer up to and including 1.99.16 is vulnerable to local privilege escalation due to lack of checking the error condition of mount operation failure on unsafely created temporary directories. | 7.0 |
| 2017-06-26 | CVE-2017-9935 | Out-of-bounds Read vulnerability in multiple products In LibTIFF 4.0.8, there is a heap-based buffer overflow in the t2p_write_pdf function in tools/tiff2pdf.c. | 8.8 |
| 2017-06-26 | CVE-2017-7459 | Injection vulnerability in Ntop Ntopng ntopng before 3.0 allows HTTP Response Splitting. | 7.5 |
| 2017-06-26 | CVE-2017-6678 | Improper Handling of Exceptional Conditions vulnerability in Cisco Virtualized Packet Core A vulnerability in the ingress UDP packet processing functionality of Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software 19.2 through 21.0 could allow an unauthenticated, remote attacker to cause both control function (CF) instances on an affected system to reload, resulting in a denial of service (DoS) condition. | 7.5 |
| 2017-06-26 | CVE-2017-6669 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Webex Advanced Recording Format Player 29.10 Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files. | 7.8 |
| 2017-06-26 | CVE-2017-6662 | XXE vulnerability in Cisco products A vulnerability in the web-based user interface of Cisco Prime Infrastructure (PI) and Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker read and write access to information stored in the affected system as well as perform remote code execution. | 8.0 |
| 2017-06-25 | CVE-2017-9872 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Lame Project Lame 3.99.5 The III_dequantize_sample function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file. | 7.8 |
| 2017-06-25 | CVE-2017-9871 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Lame Project Lame 3.99.5 The III_i_stereo function in layer3.c in mpglib, as used in libmpgdecoder.a in LAME 3.99.5 and other products, allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted audio file. | 7.8 |
| 2017-06-25 | CVE-2017-9840 | Unrestricted Upload of File with Dangerous Type vulnerability in Dolibarr Dolibarr ERP/CRM 5.0.3 and prior allows low-privilege users to upload files of dangerous types, which can result in arbitrary code execution within the context of the vulnerable application. | 8.8 |
| 2017-06-24 | CVE-2017-9846 | Path Traversal vulnerability in Magicwinmail Winmail Server 6.1 Winmail Server 6.1 allows remote code execution by authenticated users who leverage directory traversal in a netdisk.php move_folder_file call to move a .php file from the FTP folder into a web folder. | 8.8 |