Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-25 | CVE-2017-7541 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet. | 7.8 |
| 2017-07-25 | CVE-2015-2280 | OS Command Injection vulnerability in Airlink101 Skyipcam1620W Wireless N Mpeg4 3Gpp Firmware 1.1.01220120709 snwrite.cgi in AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera with firmware FW_AIC1620W_1.1.0-12_20120709_r1192.pck allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the mac parameter. | 8.8 |
| 2017-07-25 | CVE-2015-1847 | Path Traversal vulnerability in Appserver Directory traversal vulnerability in the web request/response interface in Appserver before 1.0.3 allows remote attackers to read normally inaccessible files via a .. | 7.5 |
| 2017-07-24 | CVE-2017-1382 | Incorrect Default Permissions vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 might create files using the default permissions instead of the customized permissions when custom startup scripts are used. | 7.1 |
| 2017-07-24 | CVE-2017-9553 | Unspecified vulnerability in Synology Diskstation Manager A design flaw in SYNO.API.Encryption in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to bypass the encryption protection mechanism via the crafted version parameter. | 7.5 |
| 2017-07-24 | CVE-2017-8036 | Unspecified vulnerability in Cloudfoundry Capi-Release 1.33.0 An issue was discovered in the Cloud Controller API in Cloud Foundry Foundation CAPI-release version 1.33.0 (only). | 7.8 |
| 2017-07-24 | CVE-2015-7703 | Improper Input Validation vulnerability in multiple products The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command. | 7.5 |
| 2017-07-24 | CVE-2017-11326 | Unrestricted Upload of File with Dangerous Type vulnerability in Tilde CMS Project Tilde CMS 1.0.1 An issue was discovered in Tilde CMS 1.0.1. | 7.5 |
| 2017-07-24 | CVE-2017-11325 | Information Exposure vulnerability in Tilde CMS Project Tilde CMS 1.0.1 An issue was discovered in Tilde CMS 1.0.1. | 7.5 |
| 2017-07-24 | CVE-2017-11422 | Incorrect Permission Assignment for Critical Resource vulnerability in Statamic Statamic framework before 2.6.0 does not correctly check a session's permissions when the methods from a user's class are called. | 8.8 |