Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-04 | CVE-2017-8776 | Unspecified vulnerability in Quickheal Antivirus Pro, Internet Security and Total Security Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed attacks against the product. | 7.5 |
| 2017-05-03 | CVE-2017-6625 | Unspecified vulnerability in Cisco Firepower Threat Defense A "Cisco Firepower Threat Defense 6.0.0 through 6.2.2 and Cisco ASA with FirePOWER Module Denial of Service" vulnerability in the access control policy of Cisco Firepower System Software could allow an authenticated, remote attacker to cause an affected system to stop inspecting and processing packets, resulting in a denial of service (DoS) condition. | 7.1 |
| 2017-05-03 | CVE-2017-5481 | Information Exposure vulnerability in Trendmicro Officescan 11.0/12.0 Trend Micro OfficeScan 11.0 before SP1 CP 6325 and XG before CP 1352 allows remote authenticated users to gain privileges by leveraging a leak of an encrypted password during a web-console operation. | 8.8 |
| 2017-05-03 | CVE-2016-9976 | Improper Access Control vulnerability in IBM products IBM Maximo Asset Management 7.1, 7.5, and 7.6 could allow a remote attacker to include arbitrary files. | 8.4 |
| 2017-05-03 | CVE-2016-2930 | Improper Access Control vulnerability in IBM Bigfix Remote Control 9.1.3 IBM BigFix Remote Control 9.1.3 could allow a remote attacker to perform actions reserved for an administrator without authentication. | 7.5 |
| 2017-05-03 | CVE-2017-5240 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rapid7 Appspider PRO Editions of Rapid7 AppSpider Pro prior to version 6.14.060 contain a heap-based buffer overflow in the FLAnalyzer.exe component. | 7.5 |
| 2017-05-03 | CVE-2017-5236 | Untrusted Search Path vulnerability in Rapid7 Appspider PRO Editions of Rapid7 AppSpider Pro installers prior to version 6.14.060 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | 7.8 |
| 2017-05-03 | CVE-2016-10367 | Path Traversal vulnerability in Opsview In Opsview Monitor Pro (Prior to 5.1.0.162300841, prior to 5.0.2.27475, prior to 4.6.4.162391051, and 4.5.x without a certain 2016 security patch), an unauthenticated Directory Traversal vulnerability can be exploited by issuing a specially crafted HTTP GET request utilizing a simple URL encoding bypass, %252f instead of /. | 7.5 |
| 2017-05-03 | CVE-2017-8455 | Out-of-bounds Read vulnerability in Foxitsoftware Foxit Reader Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document. | 7.8 |
| 2017-05-03 | CVE-2017-8454 | Out-of-bounds Read vulnerability in Foxitsoftware Foxit Reader Foxit Reader before 8.2.1 and PhantomPDF before 8.2.1 have an out-of-bounds read that allows remote attackers to obtain sensitive information or possibly execute arbitrary code via a crafted font in a PDF document. | 8.8 |