Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-12 | CVE-2016-4882 | Cross-Site Request Forgery (CSRF) vulnerability in Basercms 3.0.10 Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
| 2017-05-12 | CVE-2016-4881 | Cross-Site Request Forgery (CSRF) vulnerability in Basercms 3.0.10 Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Blog version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
| 2017-05-12 | CVE-2016-4879 | Cross-Site Request Forgery (CSRF) vulnerability in Basercms Cross-site request forgery (CSRF) vulnerability in baserCMS plugin Mail version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
| 2017-05-12 | CVE-2016-4878 | Cross-Site Request Forgery (CSRF) vulnerability in Basercms 3.0.10 Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
| 2017-05-12 | CVE-2016-4876 | Cross-Site Request Forgery (CSRF) vulnerability in Basercms 3.0.10 Cross-site request forgery (CSRF) vulnerability in baserCMS version 3.0.10 and earlier allows remote attackers to hijack the authentication of administrators to execute arbitrary PHP code via unspecified vectors. | 8.8 |
| 2017-05-12 | CVE-2016-4864 | Use of Externally-Controlled Format String vulnerability in Dena H2O H2O versions 2.0.3 and earlier and 2.1.0-beta2 and earlier allows remote attackers to cause a denial-of-service (DoS) via format string specifiers in a template file via fastcgi, mruby, proxy, redirect or reproxy. | 7.5 |
| 2017-05-12 | CVE-2016-4838 | Improper Input Validation vulnerability in Moneyforward products The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1.2.0), Money Forward for SHIGA BANK (prior to v1.2.0), Money Forward for SHIZUOKA BANK (prior to v1.4.0), Money Forward for SBI Sumishin Net Bank (prior to v1.6.0), Money Forward for Tokai Tokyo Securities (prior to v1.4.0), Money Forward for THE TOHO BANK (prior to v1.3.0), Money Forward for YMFG (prior to v1.5.0) provided by Money Forward, Inc. | 7.8 |
| 2017-05-12 | CVE-2017-0623 | Unspecified vulnerability in Linux Kernel 3.18 An elevation of privilege vulnerability in the HTC bootloader could enable a local malicious application to execute arbitrary code within the context of the bootloader. | 7.0 |
| 2017-05-12 | CVE-2017-0622 | Improper Handling of Exceptional Conditions vulnerability in Linux Kernel 3.10 An elevation of privilege vulnerability in the Goodix touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-05-12 | CVE-2017-0621 | Unspecified vulnerability in Linux Kernel 3.10 An elevation of privilege vulnerability in the Qualcomm camera driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |