Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-07-13 CVE-2017-11103 Insufficient Verification of Data Authenticity vulnerability in multiple products
Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks because it obtains service-principal names in a way that violates the Kerberos 5 protocol specification.
network
high complexity
heimdal-project freebsd samba apple debian CWE-345
8.1
2017-07-13 CVE-2017-11173
Missing anchor in generated regex for rack-cors before 0.4.1 allows a malicious third-party site to perform CORS requests.
network
low complexity
rack-cors-project debian
8.8
2017-07-13 CVE-2017-11200 SQL Injection vulnerability in Finecms Project Finecms
SQL Injection exists in FineCMS through 2017-07-12 via the application/core/controller/excludes.php visitor_ip parameter.
network
low complexity
finecms-project CWE-89
8.8
2017-07-12 CVE-2017-11196 Cross-Site Request Forgery (CSRF) vulnerability in Pulsesecure Pulse Connect Secure 8.3R1.0
Pulse Connect Secure 8.3R1 has CSRF in logout.cgi.
network
low complexity
pulsesecure CWE-352
8.8
2017-07-12 CVE-2017-11193 Cross-Site Request Forgery (CSRF) vulnerability in Pulsesecure Pulse Connect Secure 8.3R1.0
Pulse Connect Secure 8.3R1 has CSRF in diag.cgi.
network
low complexity
pulsesecure CWE-352
8.8
2017-07-12 CVE-2017-2863 Out-of-bounds Write vulnerability in Iceni Infix 7.1.5
An out-of-bounds write vulnerability exists in the PDF parsing functionality of Infix 7.1.5.
local
low complexity
iceni CWE-787
7.8
2017-07-12 CVE-2017-2820 Integer Overflow or Wraparound vulnerability in Freedesktop Poppler 0.53.0
An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0.
network
low complexity
freedesktop CWE-190
8.8
2017-07-12 CVE-2017-2818 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Freedesktop Poppler 0.53.0
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0.
network
low complexity
freedesktop CWE-119
8.8
2017-07-12 CVE-2017-2814 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Freedesktop Poppler 0.53.0
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0.
network
low complexity
freedesktop CWE-119
8.8
2017-07-12 CVE-2017-9977 Unspecified vulnerability in AVG Anti-Virus
AVG AntiVirus for MacOS with scan engine before 4668 might allow remote attackers to bypass malware detection by leveraging failure to scan inside disk image (aka DMG) files.
network
low complexity
avg
7.5