Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-05 | CVE-2017-7447 | Cross-Site Request Forgery (CSRF) vulnerability in Helpdezk 1.1.1 HelpDEZk 1.1.1 has CSRF in admin/home#/logos/ with an impact of remote execution of arbitrary PHP code. | 8.8 |
| 2017-04-05 | CVE-2017-7446 | Cross-Site Request Forgery (CSRF) vulnerability in Helpdezk 1.1.1 HelpDEZk 1.1.1 has CSRF in admin/home#/person/ with an impact of obtaining admin privileges. | 8.8 |
| 2017-04-05 | CVE-2017-7444 | Unspecified vulnerability in Veritas System Recovery 16 In Veritas System Recovery before 16 SP1, there is a DLL hijacking vulnerability in the patch installer if an attacker has write access to the directory from which the product is executed. | 7.8 |
| 2017-04-05 | CVE-2016-6100 | Cross-Site Request Forgery (CSRF) vulnerability in IBM products IBM Disposal and Governance Management for IT and IBM Global Retention Policy and Schedule Management, components of IBM Atlas Policy Suite 6.0.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2017-04-05 | CVE-2015-4680 | Improper Certificate Validation vulnerability in multiple products FreeRADIUS 2.2.x before 2.2.8 and 3.0.x before 3.0.9 does not properly check revocation of intermediate CA certificates. | 7.5 |
| 2017-04-05 | CVE-2016-9091 | OS Command Injection vulnerability in Bluecoat products Blue Coat Advanced Secure Gateway (ASG) 6.6 before 6.6.5.4 and Content Analysis System (CAS) 1.3 before 1.3.7.4 are susceptible to an OS command injection vulnerability. | 7.2 |
| 2017-04-05 | CVE-2017-6956 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Broadcom Hardmac Wi-Fi SOC Firmware 6.37.34.40 On the Broadcom Wi-Fi HardMAC SoC with fbt firmware, a stack buffer overflow occurs when handling an 802.11r (FT) authentication response, leading to remote code execution via a crafted access point that sends a long R0KH-ID field in a Fast BSS Transition Information Element (FT-IE). | 8.8 |
| 2017-04-05 | CVE-2017-0339 | Unspecified vulnerability in Linux Kernel 3.10 An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-04-05 | CVE-2017-0332 | Out-of-bounds Write vulnerability in Linux Kernel 3.10 An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-04-05 | CVE-2017-0329 | Unspecified vulnerability in Linux Kernel 3.18 An elevation of privilege vulnerability in the NVIDIA boot and power management processor driver could enable a local malicious application to execute arbitrary code within the context of the boot and power management processor. | 7.0 |