Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-20 | CVE-2016-4666 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS An issue was discovered in certain Apple products. | 8.8 |
| 2017-02-20 | CVE-2016-4662 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 7.8 |
| 2017-02-20 | CVE-2016-4660 | Information Exposure vulnerability in Apple products An issue was discovered in certain Apple products. | 7.1 |
| 2017-02-20 | CVE-2016-4617 | Permissions, Privileges, and Access Controls vulnerability in Apple mac OS X An issue was discovered in certain Apple products. | 8.8 |
| 2017-02-18 | CVE-2017-6074 | Double Free vulnerability in multiple products The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call. | 7.8 |
| 2017-02-18 | CVE-2017-6001 | Race Condition vulnerability in Linux Kernel Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. | 7.0 |
| 2017-02-17 | CVE-2017-6065 | SQL Injection vulnerability in Metalgenix Genixcms SQL injection vulnerability in inc/lib/Control/Backend/menus.control.php in GeniXCMS through 1.0.2 allows remote authenticated users to execute arbitrary SQL commands via the order parameter. | 8.8 |
| 2017-02-17 | CVE-2017-6055 | XXE vulnerability in Eparaksts Eparakstitajs 3 1.3.0/1.3.8 XML external entity (XXE) vulnerability in eParakstitajs 3 before 1.3.9 and eParaksts Java lib before 2.5.13 allows remote attackers to read arbitrary files or possibly have unspecified other impact via a crafted edoc file. | 7.8 |
| 2017-02-17 | CVE-2016-6252 | Integer Overflow or Wraparound vulnerability in Shadow Project Shadow 4.2.1 Integer overflow in shadow 4.2.1 allows local users to gain privileges via crafted input to newuidmap. | 7.8 |
| 2017-02-17 | CVE-2016-5044 | Out-of-bounds Write vulnerability in Libdwarf Project Libdwarf The WRITE_UNALIGNED function in dwarf_elf_access.c in libdwarf before 20160923 allows remote attackers to cause a denial of service (out-of-bounds write and crash) via a crafted DWARF section. | 7.5 |