Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-11 | CVE-2016-9092 | Cross-Site Request Forgery (CSRF) vulnerability in Symantec Content Analysis and Mail Threat Defense The Symantec Content Analysis (CA) 1.3, 2.x prior to 2.2.1.1, and Mail Threat Defense (MTD) 1.1 management consoles are susceptible to a cross-site request forging (CSRF) vulnerability. | 8.8 |
| 2017-05-11 | CVE-2015-5436 | Unspecified vulnerability in HP Integrated Lights-Out Firmware A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30. | 7.5 |
| 2017-05-10 | CVE-2017-8852 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP Sapcar 721.510 SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. | 7.8 |
| 2017-05-10 | CVE-2017-8890 | Double Free vulnerability in multiple products The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call. | 7.8 |
| 2017-05-10 | CVE-2017-7698 | Use After Free vulnerability in Swftools A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malformed PDF document, possibly a consequence of an error in Gfx.cc in Xpdf 3.02. | 7.8 |
| 2017-05-10 | CVE-2017-4895 | Unspecified vulnerability in VMWare Airwatch Agent and Airwatch Inbox Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. | 8.8 |
| 2017-05-10 | CVE-2017-1137 | Unspecified vulnerability in IBM Websphere Application Server 8.0/8.5/8.5.5 IBM WebSphere Application Server 8.0 and 8.5.5 could provide weaker than expected security. | 8.1 |
| 2017-05-10 | CVE-2017-1103 | XXE vulnerability in IBM Rational Quality Manager and Rational Team Concert IBM Team Concert (RTC) is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. | 8.1 |
| 2017-05-10 | CVE-2016-9250 | Permissions, Privileges, and Access Controls vulnerability in F5 products In F5 BIG-IP 11.2.1, 11.4.0 through 11.6.1, and 12.0.0 through 12.1.2, an unauthenticated user with access to the control plane may be able to delete arbitrary files through an undisclosed mechanism. | 7.5 |
| 2017-05-10 | CVE-2016-5889 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Interact IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |