Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-08-07 CVE-2017-12663 Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.62
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMAPImage in coders/map.c.
network
low complexity
imagemagick CWE-772
8.8
8.8
2017-08-07 CVE-2017-12662 Missing Release of Resource after Effective Lifetime vulnerability in Imagemagick 7.0.62
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage in coders/pdf.c.
network
low complexity
imagemagick CWE-772
8.8
8.8
2017-08-07 CVE-2017-12637 Path Traversal vulnerability in SAP Netweaver Application Server Java 7.50
Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5 allows remote attackers to read arbitrary files via a ..
network
low complexity
sap CWE-22
7.5
7.5
2017-08-07 CVE-2016-7976 Improper Input Validation vulnerability in Artifex Ghostscript 9.18/9.20
The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.
network
low complexity
artifex CWE-20
8.8
8.8
2017-08-07 CVE-2016-6220 Information Exposure vulnerability in Trendmicro Control Manager 6.0
Information Disclosure vulnerability in the Dashboard and Error Pages in Trend Micro Control Manager SP3 6.0.
network
low complexity
trendmicro CWE-200
7.5
7.5
2017-08-07 CVE-2015-7854 Classic Buffer Overflow vulnerability in multiple products
Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.
network
low complexity
ntp netapp CWE-120
8.8
8.8
2017-08-07 CVE-2015-7849 Use After Free vulnerability in multiple products
Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.
network
low complexity
ntp netapp CWE-416
8.8
8.8
2017-08-07 CVE-2015-7704 Improper Input Validation vulnerability in multiple products
The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
network
low complexity
ntp debian netapp redhat mcafee citrix CWE-20
7.5
7.5
2017-08-07 CVE-2015-7701 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).
network
low complexity
ntp oracle debian netapp redhat CWE-772
7.5
7.5
2017-08-07 CVE-2015-7692 Improper Input Validation vulnerability in multiple products
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash).
network
low complexity
ntp oracle debian netapp redhat CWE-20
7.5
7.5