Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-03-27 | CVE-2015-8763 | Out-of-bounds Read vulnerability in Freeradius: The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to have unspecified impact via a crafted (1) commit or (2) confirm message, which triggers an out-of-bounds read. | 8.1 |
2017-03-27 | CVE-2015-0864 | Permissions, Privileges, and Access Controls vulnerability in Samsung Galaxy APP and Samsung Account APP: Samsung Account (aka com.osp.app.signin) before 1.6.0069 and 2.x before 2.1.0069 allows man-in-the-middle attackers to obtain sensitive information and execute arbitrary code. | 8.0 |
2017-03-27 | CVE-2015-0863 | Permissions, Privileges, and Access Controls vulnerability in Samsung Galaxy APP and Samsung Account APP: GALAXY Apps (aka Samsung Apps, Samsung Updates, or com.sec.android.app.samsungapps) before 14120405.03.012 allows man-in-the-middle attackers to obtain sensitive information and execute arbitrary code. | 8.0 |
2017-03-27 | CVE-2017-5932 | Improper Input Validation vulnerability in GNU Bash 4.4: The path autocompletion feature in Bash 4.4 allows local users to gain privileges via a crafted filename starting with a " (double quote) character and a command substitution metacharacter. | 7.8 |
2017-03-27 | CVE-2017-5931 | Integer Overflow or Wraparound vulnerability in Qemu: Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code on the host via a crafted virtio-crypto request, which triggers a heap-based buffer overflow. | 8.8 |
2017-03-27 | CVE-2017-5899 | Race Condition vulnerability in S-Nail Project S-Nail: Directory traversal vulnerability in the setuid root helper binary in S-nail (later S-mailx) before 14.8.16 allows local users to write to arbitrary files and consequently gain root privileges via a .. | 7.0 |
2017-03-27 | CVE-2017-5850 | Allocation of Resources Without Limits or Throttling vulnerability in Openbsd 6.0: httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header. | 7.5 |
2017-03-27 | CVE-2017-5330 | OS Command Injection vulnerability in multiple products: ark before 16.12.1 might allow remote attackers to execute arbitrary code via an executable in an archive, related to associated applications. | 7.8 |
2017-03-27 | CVE-2015-8026 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Exfat Project Exfat: Heap-based buffer overflow in the verify_vbr_checksum function in exfatfsck in exfat-utils before 1.2.1 allows remote attackers to cause a denial of service (infinite loop) or possibly execute arbitrary code via a crafted filesystem. | 7.8 |
2017-03-27 | CVE-2017-6957 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Broadcom Bcm4339 SOC Firmware 6.37.34.40: Stack-based buffer overflow in the firmware in Broadcom Wi-Fi HardMAC SoC chips, when the firmware supports CCKM Fast and Secure Roaming and the feature is enabled in RAM, allows remote attackers to execute arbitrary code via a crafted reassociation response frame with a Cisco IE (156). | 8.1 |