Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-05-09 CVE-2017-3073 Use After Free vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when handling multiple mask properties of display objects, aka memory corruption.
network
low complexity
adobe redhat CWE-416
8.8
8.8
2017-05-09 CVE-2017-3072 Out-of-bounds Write vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BitmapData class.
network
low complexity
adobe redhat CWE-787
8.8
8.8
2017-05-09 CVE-2017-3071 Use After Free vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable use after free vulnerability when masking display objects.
network
low complexity
adobe redhat CWE-416
8.8
8.8
2017-05-09 CVE-2017-3070 Out-of-bounds Write vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the ConvolutionFilter class.
network
low complexity
adobe redhat CWE-787
8.8
8.8
2017-05-09 CVE-2017-3069 Out-of-bounds Write vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the BlendMode class.
network
low complexity
adobe redhat CWE-787
8.8
8.8
2017-05-09 CVE-2017-3068 Out-of-bounds Write vulnerability in multiple products
Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine.
network
low complexity
adobe redhat CWE-787
8.8
8.8
2017-05-09 CVE-2017-3067 Information Exposure vulnerability in Adobe Experience Manager Forms 6.0/6.1/6.2
Adobe Experience Manager Forms versions 6.2, 6.1, 6.0 have an information disclosure vulnerability resulting from abuse of the pre-population service in AEM Forms.
network
low complexity
adobe CWE-200
7.5
7.5
2017-05-09 CVE-2016-9256 Race Condition vulnerability in F5 products
In F5 BIG-IP 12.1.0 through 12.1.2, permissions enforced by iControl can lag behind the actual permissions assigned to a user if the role_map is not reloaded between the time the permissions are changed and the time of the user's next request.
network
high complexity
f5 CWE-362
7.5
7.5
2017-05-09 CVE-2016-9253 Improper Input Validation vulnerability in F5 products
In F5 BIG-IP 12.1.0 through 12.1.2, specific websocket traffic patterns may cause a disruption of service for virtual servers configured to use the websocket profile.
network
low complexity
f5 CWE-20
7.5
7.5
2017-05-09 CVE-2016-9251 Permissions, Privileges, and Access Controls vulnerability in F5 products
In F5 BIG-IP 12.0.0 through 12.1.2, an authenticated attacker may be able to cause an escalation of privileges through a crafted iControl REST connection.
network
low complexity
f5 CWE-264
8.8
8.8