Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-21 | CVE-2016-0833 | Unspecified vulnerability in Google Android Android allows users to cause a denial of service. | 7.5 |
| 2017-04-21 | CVE-2017-7951 | Cross-Site Request Forgery (CSRF) vulnerability in Wondercms WonderCMS before 2.0.3 has CSRF because of lack of a token in an unspecified context. | 8.8 |
| 2017-04-21 | CVE-2017-7220 | Improper Input Validation vulnerability in Opentext Documentum Content Server OpenText Documentum Content Server allows superuser access via sys_obj_save or save of a crafted object, followed by an unauthorized "UPDATE dm_dbo.dm_user_s SET user_privileges=16" command, aka an "RPC save-commands" attack. | 8.8 |
| 2017-04-21 | CVE-2017-7990 | Cross-Site Request Forgery (CSRF) vulnerability in Openmrs Module Reporting 1.12.0 The Reporting Module 1.12.0 for OpenMRS allows CSRF attacks with resultant XSS, in which administrative authentication is hijacked to insert JavaScript into a name field in webapp/reports/manageReports.jsp. | 8.8 |
| 2017-04-20 | CVE-2017-6619 | Improper Input Validation vulnerability in Cisco Integrated Management Controller Supervisor 3.0(1C) A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to execute arbitrary commands on an affected system. | 8.8 |
| 2017-04-20 | CVE-2017-6616 | Improper Input Validation vulnerability in Cisco Integrated Management Controller Supervisor 3.0(1C) A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to execute arbitrary code on an affected system. | 8.8 |
| 2017-04-20 | CVE-2017-6610 | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. | 7.7 |
| 2017-04-20 | CVE-2017-6609 | Unspecified vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the IPsec code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of the affected system. | 7.7 |
| 2017-04-20 | CVE-2017-6608 | Unspecified vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system. | 8.6 |
| 2017-04-20 | CVE-2017-6607 | Unspecified vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the DNS code of Cisco ASA Software could allow an unauthenticated, remote attacker to cause an affected device to reload or corrupt the information present in the device's local DNS cache. | 8.7 |