Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-05 | CVE-2017-0327 | Classic Buffer Overflow vulnerability in Linux Kernel 3.10 An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-04-05 | CVE-2017-0325 | Out-of-bounds Write vulnerability in Linux Kernel 3.10/3.18 An elevation of privilege vulnerability in the NVIDIA I2C HID driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-04-05 | CVE-2017-7358 | Path Traversal vulnerability in multiple products In LightDM through 1.22.0, a directory traversal issue in debian/guest-account.sh allows local attackers to own arbitrary directory path locations and escalate privileges to root when the guest user logs out. | 7.3 |
| 2017-04-04 | CVE-2017-5649 | Information Exposure vulnerability in Apache Geode 1.0.0/1.1.0 Apache Geode before 1.1.1, when a cluster has enabled security by setting the security-manager property, allows remote authenticated users with CLUSTER:READ but not DATA:READ permission to access the data browser page in Pulse and consequently execute an OQL query that exposes data stored in the cluster. | 7.5 |
| 2017-04-04 | CVE-2016-5870 | NULL Pointer Dereference vulnerability in Linux Kernel The msm_ipc_router_close function in net/ipc_router/ipc_router_socket.c in the ipc_router component for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact by triggering failure of an accept system call for an AF_MSM_IPC socket. | 7.8 |
| 2017-04-04 | CVE-2016-3740 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Foxitsoftware Foxit Reader 7.3.4.311 Heap-based buffer overflow in the CreateFXPDFConvertor function in ConvertToPdf_x86.dll in Foxit Reader 7.3.4.311 allows remote attackers to execute arbitrary code via a large SamplesPerPixel value in a crafted TIFF image that is mishandled during PDF conversion. | 7.8 |
| 2017-04-04 | CVE-2015-1612 | Improper Input Validation vulnerability in Opendaylight Openflow OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers to spoof the SDN topology and affect the flow of data, related to the reuse of LLDP packets, aka "LLDP Relay." | 7.5 |
| 2017-04-04 | CVE-2015-1611 | Improper Input Validation vulnerability in Opendaylight Openflow OpenFlow plugin for OpenDaylight before Helium SR3 allows remote attackers to spoof the SDN topology and affect the flow of data, related to "fake LLDP injection." | 7.5 |
| 2017-04-04 | CVE-2017-7414 | OS Command Injection vulnerability in Horde Groupware In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition 5.x through 5.2.17, OS Command Injection can occur if the user has PGP features enabled in the user's preferences, and has enabled the "Should PGP signed messages be automatically verified when viewed?" preference. | 7.5 |
| 2017-04-04 | CVE-2017-7413 | OS Command Injection vulnerability in Horde Groupware In Horde_Crypt before 2.7.6, as used in Horde Groupware Webmail Edition through 5.2.17, OS Command Injection can occur if the attacker is an authenticated Horde Webmail user, has PGP features enabled in their preferences, and attempts to encrypt an email addressed to a maliciously crafted email address. | 8.8 |