Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-29 | CVE-2017-2689 | Improper Authentication vulnerability in Siemens Ruggedcom ROX I 2.9.0 Siemens RUGGEDCOM ROX I (all versions) allow an authenticated user to bypass access restrictions in the web interface at port 10000/TCP to obtain privileged file system access or change configuration settings. | 8.8 |
| 2017-03-29 | CVE-2017-2688 | Cross-Site Request Forgery (CSRF) vulnerability in Siemens Ruggedcom ROX I 2.9.0 The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at port 10000/TCP could allow remote attackers to perform actions with the privileges of an authenticated user, provided the targeted user has an active session and is induced into clicking on a malicious link or into visiting a malicious website, aka CSRF. | 8.8 |
| 2017-03-29 | CVE-2017-7297 | Unspecified vulnerability in Suse Rancher Rancher Labs rancher server 1.2.0+ is vulnerable to authenticated users disabling access control via an API call. | 8.8 |
| 2017-03-28 | CVE-2016-8031 | Permissions, Privileges, and Access Controls vulnerability in Mcafee Anti-Malware Scan Engine Software Integrity Attacks vulnerability in Intel Security Anti-Virus Engine (AVE) 5200 through 5800 allows local users to bypass local security protection via a crafted input file. | 7.3 |
| 2017-03-28 | CVE-2017-7277 | Out-of-bounds Read vulnerability in Linux Kernel The TCP stack in the Linux kernel through 4.10.6 mishandles the SCM_TIMESTAMPING_OPT_STATS feature, which allows local users to obtain sensitive information from the kernel's internal socket data structures or cause a denial of service (out-of-bounds read) via crafted system calls, related to net/core/skbuff.c and net/socket.c. | 7.1 |
| 2017-03-28 | CVE-2016-9469 | Permissions, Privileges, and Access Controls vulnerability in Gitlab Multiple versions of GitLab expose a dangerous method to any authenticated user that could lead to the deletion of all Issue and MergeRequest objects on a GitLab instance. | 8.2 |
| 2017-03-28 | CVE-2016-9463 | Improper Authentication vulnerability in multiple products Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.1.2, 9.0.6, and 8.2.9 suffer from SMB User Authentication Bypass. | 8.1 |
| 2017-03-28 | CVE-2016-9456 | Cross-Site Request Forgery (CSRF) vulnerability in Revive-Adserver Revive Adserver Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). | 8.8 |
| 2017-03-28 | CVE-2016-9455 | Cross-Site Request Forgery (CSRF) vulnerability in Revive-Adserver Revive Adserver Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). | 8.8 |
| 2017-03-28 | CVE-2016-9127 | Cross-Site Request Forgery (CSRF) vulnerability in Revive-Adserver Revive Adserver Revive Adserver before 3.2.3 suffers from Cross-Site Request Forgery (CSRF). | 8.8 |