Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-04 | CVE-2017-7398 | Cross-Site Request Forgery (CSRF) vulnerability in D-Link Dir-615 Firmware 20.09 D-Link DIR-615 HW: T1 FW:20.09 is vulnerable to Cross-Site Request Forgery (CSRF) vulnerability. | 8.8 |
| 2017-04-04 | CVE-2017-7228 | Improper Validation of Array Index vulnerability in XEN An issue (known as XSA-212) was discovered in Xen, with fixes available for 4.8.x, 4.7.x, 4.6.x, 4.5.x, and 4.4.x. | 8.2 |
| 2017-04-04 | CVE-2017-5683 | Unspecified vulnerability in Intel Hardware Accelerated Execution Manager 6.0.4 Privilege escalation in IntelHAXM.sys driver in the Intel Hardware Accelerated Execution Manager before version 6.0.6 allows a local user to gain system level access. | 7.8 |
| 2017-04-04 | CVE-2017-3204 | Unspecified vulnerability in Golang Crypto The Go SSH library (x/crypto/ssh) by default does not verify host keys, facilitating man-in-the-middle attacks. | 8.1 |
| 2017-04-04 | CVE-2014-9922 | Permissions, Privileges, and Access Controls vulnerability in multiple products The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c. | 7.8 |
| 2017-04-04 | CVE-2017-7412 | Unspecified vulnerability in Nixos 17.03 NixOS 17.03 before 17.03.887 has a world-writable Docker socket, which allows local users to gain privileges by executing docker commands. | 7.8 |
| 2017-04-03 | CVE-2017-7397 | Resource Exhaustion vulnerability in Backbox Linux 4.6 BackBox Linux 4.6 allows remote attackers to cause a denial of service (ksoftirqd CPU consumption) via a flood of packets with Martian source IP addresses (as defined in RFC 1812 section 5.3.7). | 7.5 |
| 2017-04-03 | CVE-2016-10317 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Ghostscript 9.20 The fill_threshhold_buffer function in base/gxht_thresh.c in Artifex Software, Inc. | 7.8 |
| 2017-04-03 | CVE-2014-3930 | Improper Access Control vulnerability in LG Project LG 1.01 lg.pl in Cistron-LG 1.01 stores sensitive information under the web root with insufficient access controls, which allows remote attackers to obtain IP addresses and other unspecified router credentials. | 7.5 |
| 2017-04-03 | CVE-2014-3929 | Improper Access Control vulnerability in LG Project LG The default configuration for Cougar-LG stores sensitive information under the web root with insufficient access control, which might allow remote attackers to obtain private ssh keys. | 7.5 |