Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-07 | CVE-2017-7965 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Schneider-Electric Somachine Hvac 2.1.0 A buffer overflow vulnerability exists in Programming Software executable AlTracePrint.exe, in Schneider Electric's SoMachine HVAC v2.1.0 for Modicon M171/M172 Controller. | 7.3 |
| 2017-06-07 | CVE-2017-4904 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare products The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage. | 8.8 |
| 2017-06-07 | CVE-2017-4903 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare products VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have an uninitialized stack memory usage in SVGA. | 8.8 |
| 2017-06-07 | CVE-2017-4902 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare products VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. | 8.8 |
| 2017-06-07 | CVE-2017-4898 | Unspecified vulnerability in VMWare Workstation Player and Workstation PRO VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the "vmware-vmx" process loading DLLs from a path defined in the local environment-variable. | 8.8 |
| 2017-06-07 | CVE-2016-9977 | Improper Input Validation vulnerability in IBM products IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a remote attacker to hijack a user's session, caused by the failure to invalidate an existing session identifier. | 8.8 |
| 2017-06-07 | CVE-2017-7564 | Improper Input Validation vulnerability in ARM Trusted Firmware In ARM Trusted Firmware through 1.3, the secure self-hosted invasive debug interface allows normal world attackers to cause a denial of service (secure world panic) via vectors involving debug exceptions and debug registers. | 7.5 |
| 2017-06-07 | CVE-2017-7563 | Incorrect Permission Assignment for Critical Resource vulnerability in ARM Trusted Firmware In ARM Trusted Firmware 1.3, RO memory is always executable at AArch64 Secure EL1, allowing attackers to bypass the MT_EXECUTE_NEVER protection mechanism. | 8.1 |
| 2017-06-07 | CVE-2015-7888 | Path Traversal vulnerability in Samsung Galaxy S6 Edge Firmware G925Vvru1Aoe2 Directory traversal vulnerability in the WifiHs20UtilityService on the Samsung S6 Edge LRX22G.G925VVRU1AOE2 allows remote attackers to overwrite or create arbitrary files as the system-level user via a .. | 7.5 |
| 2017-06-07 | CVE-2015-7724 | Link Following vulnerability in AMD Fglrx-Driver 14.4.2/15.7 AMD fglrx-driver before 15.9 allows local users to gain privileges via a symlink attack. | 7.8 |