Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-22 | CVE-2017-6970 | OS Command Injection vulnerability in multiple products AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow local users to execute arbitrary commands in a privileged context via an NfSen socket, aka AlienVault ID ENG-104863. | 8.4 |
| 2017-03-22 | CVE-2014-9839 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick 6.8.99 magick/colormap-private.h in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service (out-of-bounds access). | 7.5 |
| 2017-03-22 | CVE-2014-9835 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick 6.8.99 Heap overflow in ImageMagick 6.8.9-9 via a crafted wpf file. | 7.8 |
| 2017-03-22 | CVE-2014-9834 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick 6.8.99 Heap overflow in ImageMagick 6.8.9-9 via a crafted pict file. | 7.8 |
| 2017-03-22 | CVE-2014-9833 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick 6.8.99 Heap overflow in ImageMagick 6.8.9-9 via a crafted psd file. | 7.8 |
| 2017-03-22 | CVE-2014-9832 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick 6.8.99 Heap overflow in ImageMagick 6.8.9-9 via a crafted pcx file. | 7.8 |
| 2017-03-22 | CVE-2017-5874 | Cross-Site Request Forgery (CSRF) vulnerability in D-Link Dir-600M Firmware CSRF exists on D-Link DIR-600M Rev. | 8.8 |
| 2017-03-21 | CVE-2017-3849 | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Autonomic Networking Infrastructure (ANI) registrar feature of Cisco IOS Software (possibly 15.2 through 15.6) and Cisco IOS XE Software (possibly 3.7 through 3.18, and 16) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. | 7.4 |
| 2017-03-21 | CVE-2016-6650 | Information Exposure vulnerability in EMC Recoverpoint and Recoverpoint for Virtual Machines EMC RecoverPoint versions prior to 5.0 and EMC RecoverPoint for Virtual Machines versions prior to 5.0 have an SSL Stripping Vulnerability that may potentially be exploited by malicious users to compromise the affected system. | 7.5 |
| 2017-03-21 | CVE-2016-4504 | Cross-Site Request Forgery (CSRF) vulnerability in Meteocontrol Weblog A Cross-Site Request Forgery issue was discovered in Meteocontrol WEB'log Basic 100 all versions, Light all versions, Pro all versions, and Pro Unlimited all versions. | 8.8 |