Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-10 | CVE-2016-10322 | Command Injection vulnerability in Synology Photo Station Synology Photo Station before 6.3-2958 allows remote authenticated guest users to execute arbitrary commands via shell metacharacters in the X-Forwarded-For HTTP header to photo/login.php. | 8.8 |
| 2017-04-10 | CVE-2017-7622 | Missing Authorization vulnerability in Deepin Desktop Environment dde-daemon, the daemon process of DDE (Deepin Desktop Environment) 15.0 through 15.3, runs with root privileges and hardly does anything to identify the user who calls the function through D-Bus. | 8.8 |
| 2017-04-10 | CVE-2016-5041 | NULL Pointer Dereference vulnerability in Libdwarf Project Libdwarf dwarf_macro5.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (NULL pointer dereference) via a debugging information entry using DWARF5 and without a DW_AT_name. | 7.5 |
| 2017-04-10 | CVE-2017-7185 | Use After Free vulnerability in Cesanta Mongoose Embedded web Server Library and Mongoose OS Use-after-free vulnerability in the mg_http_multipart_wait_for_boundary function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.7 and earlier and Mongoose OS 1.2 and earlier allows remote attackers to cause a denial of service (crash) via a multipart/form-data POST request without a MIME boundary string. | 7.5 |
| 2017-04-10 | CVE-2017-5988 | Unspecified vulnerability in Netapp Clustered Data Ontap NetApp Clustered Data ONTAP 8.1 through 9.1P1, when NFS or SMB is enabled, allows remote attackers to cause a denial of service via unspecified vectors. | 7.5 |
| 2017-04-10 | CVE-2016-6879 | Key Management Errors vulnerability in Botan Project Botan The X509_Certificate::allowed_usage function in botan 1.11.x before 1.11.31 might allow attackers to have unspecified impact by leveraging a call with more than one Key_Usage set in the enum value. | 7.5 |
| 2017-04-10 | CVE-2015-7825 | Unspecified vulnerability in Botan Project Botan botan before 1.11.22 improperly validates certificate paths, which allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a certificate with a loop in the certificate chain. | 7.5 |
| 2017-04-10 | CVE-2015-7824 | Information Exposure vulnerability in Botan Project Botan botan 1.11.x before 1.11.22 makes it easier for remote attackers to decrypt TLS ciphertext data via a padding-oracle attack against TLS CBC ciphersuites. | 7.5 |
| 2017-04-10 | CVE-2017-7619 | Infinite Loop vulnerability in Imagemagick 7.0.49 In ImageMagick 7.0.4-9, an infinite loop can occur because of a floating-point rounding error in some of the color algorithms. | 7.5 |
| 2017-04-10 | CVE-2017-7618 | Infinite Loop vulnerability in Linux Kernel crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue. | 7.5 |