Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-08-29 CVE-2015-3653 Improper Access Control vulnerability in Arubanetworks Clearpass
Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to write to arbitrary files within the underlying operating system and consequently cause a denial of service or gain privileges by leveraging incorrect permission checking.
network
low complexity
arubanetworks CWE-284
7.2
7.2
2017-08-29 CVE-2017-10952 Improper Input Validation vulnerability in Foxitsoftware Foxit Reader 8.2.0.2051
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.0.2051.
network
low complexity
foxitsoftware CWE-20
8.8
8.8
2017-08-29 CVE-2017-10951 OS Command Injection vulnerability in Foxitsoftware Foxit Reader 8.3.0.14878
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878.
network
low complexity
foxitsoftware CWE-78
8.8
8.8
2017-08-29 CVE-2017-10950 Double Free vulnerability in Bitdefender Total Security 21.0.24.62
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Bitdefender Total Security 21.0.24.62.
local
high complexity
bitdefender CWE-415
7.0
7.0
2017-08-29 CVE-2017-13752 Reachable Assertion vulnerability in multiple products
There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
network
low complexity
jasper-project fedoraproject CWE-617
7.5
7.5
2017-08-29 CVE-2017-13751 Reachable Assertion vulnerability in multiple products
There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
network
low complexity
jasper-project fedoraproject CWE-617
7.5
7.5
2017-08-29 CVE-2017-13750 Reachable Assertion vulnerability in multiple products
There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to a remote denial of service attack.
network
low complexity
jasper-project fedoraproject CWE-617
7.5
7.5
2017-08-29 CVE-2017-13749 Reachable Assertion vulnerability in multiple products
There is a reachable assertion abort in the function jpc_pi_nextrpcl() in jpc/jpc_t2cod.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
network
low complexity
jasper-project fedoraproject CWE-617
7.5
7.5
2017-08-29 CVE-2017-13748 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
There are lots of memory leaks in JasPer 2.0.12, triggered in the function jas_strdup() in base/jas_string.c, that will lead to a remote denial of service attack.
network
low complexity
jasper-project fedoraproject debian CWE-772
7.5
7.5
2017-08-29 CVE-2017-13747 Reachable Assertion vulnerability in multiple products
There is a reachable assertion abort in the function jpc_floorlog2() in jpc/jpc_math.c in JasPer 2.0.12 that will lead to a remote denial of service attack.
network
low complexity
jasper-project fedoraproject CWE-617
7.5
7.5