Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-03-20 | CVE-2014-9848 | Resource Management Errors vulnerability in multiple products: Memory leak in ImageMagick allows remote attackers to cause a denial of service (memory consumption). | 7.5 |
2017-03-20 | CVE-2014-9842 | Resource Exhaustion vulnerability in multiple products: Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors. | 7.5 |
2017-03-20 | CVE-2012-5361 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ffmpeg: Libavcodec in FFmpeg before 0.11 allows remote attackers to execute arbitrary code via a crafted WMV file. | 7.8 |
2017-03-20 | CVE-2017-7187 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function. | 7.8 |
2017-03-20 | CVE-2017-7186 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Pcre and Pcre2: libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to cause a denial of service (segmentation violation for read access, and application crash) by triggering an invalid Unicode property lookup. | 7.5 |
2017-03-20 | CVE-2014-9938 | Improper Encoding or Escaping of Output vulnerability in Git-Scm GIT: contrib/completion/git-prompt.sh in Git before 1.9.3 does not sanitize branch names in the PS1 variable, allowing a malicious repository to cause code execution. | 8.8 |
2017-03-19 | CVE-2017-7184 | Unspecified vulnerability in Linux Kernel: The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52. | 7.8 |
2017-03-18 | CVE-2017-7178 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products: CSRF was discovered in the web UI in Deluge before 1.3.14. | 8.8 |
2017-03-18 | CVE-2017-7177 | Improperly Implemented Security Check for Standard vulnerability in Openinfosecfoundation Suricata: Suricata before 3.2.1 has an IPv4 defragmentation evasion issue caused by lack of a check for the IP protocol during fragment matching. | 7.5 |
2017-03-17 | CVE-2015-3884 | Unrestricted Upload of File with Dangerous Type vulnerability in Qdpm 8.3/9.0/9.1: Unrestricted file upload vulnerability in the (1) myAccount, (2) projects, (3) tasks, (4) tickets, (5) discussions, (6) reports, and (7) scheduler pages in qdPM 8.3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/attachments/ or uploads/users/. | 8.8 |