Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-25 | CVE-2017-3345 | Unspecified vulnerability in Oracle Marketing Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). | 7.1 |
| 2017-04-25 | CVE-2017-3342 | Unspecified vulnerability in Oracle Marketing Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). | 7.1 |
| 2017-04-25 | CVE-2017-1274 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Domino IBM Domino 8.5.3, and 9.0 is vulnerable to a stack based overflow in the IMAP service that could allow an authenticated attacker to execute arbitrary code by specifying a large mailbox name. | 8.8 |
| 2017-04-25 | CVE-2017-1149 | XXE vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 6.0, 6.1, and 6.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. | 8.1 |
| 2017-04-25 | CVE-2017-8109 | Information Exposure vulnerability in Saltstack Salt The salt-ssh minion code in SaltStack Salt 2016.11 before 2016.11.4 copied over configuration from the Salt Master without adjusting permissions, which might leak credentials to local attackers on configured minions (clients). | 7.8 |
| 2017-04-25 | CVE-2017-7477 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAX_SKB_FRAGS+1 size in conjunction with the NETIF_F_FRAGLIST feature, leading to an error in the skb_to_sgvec function. | 7.0 |
| 2017-04-25 | CVE-2017-7221 | SQL Injection vulnerability in Opentext Documentum Content Server OpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote authenticated users to execute arbitrary code with super-user privileges by leveraging the availability of the dm_bp_transition docbase method with a user-created dm_procedure object, as demonstrated by use of a backspace character in an injected string. | 8.8 |
| 2017-04-25 | CVE-2017-5051 | Integer Overflow or Wraparound vulnerability in Google Chrome An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer. | 8.8 |
| 2017-04-25 | CVE-2017-5050 | Integer Overflow or Wraparound vulnerability in Google Chrome An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer. | 8.8 |
| 2017-04-25 | CVE-2017-5049 | Integer Overflow or Wraparound vulnerability in Google Chrome An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer. | 8.8 |