Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-07-28 CVE-2017-11646 Cross-Site Request Forgery (CSRF) vulnerability in NetComm 4GT101W Bootloader and 4GT101W Software
NetComm Wireless 4GT101W routers with Hardware: 0.01 / Software: V1.1.8.8 / Bootloader: 1.1.3 are vulnerable to CSRF attacks, as demonstrated by using administration.html to disable the firewall.
network
low complexity
netcomm CWE-352
8.8
2017-07-27 CVE-2016-8743 Apache HTTP Server, in all releases prior to 2.2.32 and 2.4.25, was liberal in the whitespace accepted from requests and sent in response lines and headers.
network
low complexity
apache netapp debian redhat
7.5
2017-07-27 CVE-2016-2161 Improper Input Validation vulnerability in Apache HTTP Server
In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to mod_auth_digest can cause the server to crash, and each instance continues to crash even for subsequently valid requests.
network
low complexity
apache CWE-20
7.5
2017-07-27 CVE-2016-0736 Cryptographic Issues vulnerability in Apache HTTP Server
In Apache HTTP Server versions 2.4.0 to 2.4.23, mod_session_crypto was encrypting its data/cookie using the configured ciphers with possibly either CBC or ECB modes of operation (AES256-CBC by default), hence no selectable or built-in authenticated encryption.
network
low complexity
apache CWE-310
7.5
2017-07-27 CVE-2017-8870 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mediacoderhq AudioCoder 0.8.46
Buffer overflow in AudioCoder 0.8.46 allows remote attackers to execute arbitrary code via a crafted .m3u file.
local
low complexity
mediacoderhq CWE-119
7.8
2017-07-27 CVE-2016-10399 File and Directory Information Exposure vulnerability in Sendio
Sendio versions before 8.2.1 were affected by a Local File Inclusion vulnerability that allowed an unauthenticated, remote attacker to read potentially sensitive system files via a specially crafted URL.
network
low complexity
sendio CWE-538
7.5
2017-07-27 CVE-2016-10402 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Avira Antivirus 1.0.2303.633/5.0.2003.1821/8.3.36.59
Avira Antivirus engine versions before 8.3.36.60 allow remote code execution as NT AUTHORITY\SYSTEM via a section header with a very large relative virtual address in a PE file, causing an integer overflow and heap-based buffer underflow.
local
low complexity
avira CWE-119
7.8
2017-07-27 CVE-2017-8869 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in MediaCoder 0.8.48.5888
Buffer overflow in MediaCoder 0.8.48.5888 allows remote attackers to execute arbitrary code via a crafted .m3u file.
local
low complexity
mediacoder CWE-119
7.8
2017-07-27 CVE-2017-11665 Improper Input Validation vulnerability in FFmpeg 3.3.2
The ff_amf_get_field_value function in libavformat/rtmppkt.c in FFmpeg 3.3.2 allows remote RTMP servers to cause a denial of service (Segmentation Violation and application crash) via a crafted stream.
network
low complexity
ffmpeg CWE-20
7.5
2017-07-27 CVE-2017-9614 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in D.R.Commander libjpeg-turbo 1.5.1
The fill_input_buffer function in jdatasrc.c in libjpeg-turbo 1.5.1 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified other impact via a crafted jpg file.
network
low complexity
d-r-commander CWE-119
8.8