Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-03-17 CVE-2015-3881 Information Exposure vulnerability in Qdpm 8.3
Information disclosure issue in qdPM 8.3 allows remote attackers to obtain sensitive information via a direct request to (1) core/config/databases.yml, (2) core/log/qdPM_prod.log, or (3) core/apps/qdPM/config/settings.yml.
network
low complexity
qdpm CWE-200
7.5
7.5
2017-03-17 CVE-2014-9854 Resource Management Errors vulnerability in multiple products
coders/tiff.c in ImageMagick allows remote attackers to cause a denial of service (application crash) via vectors related to the "identification of image."
network
low complexity
imagemagick opensuse suse canonical CWE-399
7.5
7.5
2017-03-17 CVE-2014-8722 Information Exposure vulnerability in Get-Simple Getsimple CMS 3.3.4
GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive information via a direct request to (1) data/users/<username>.xml, (2) backups/users/<username>.xml.bak, (3) data/other/authorization.xml, or (4) data/other/appid.xml.
network
low complexity
get-simple CWE-200
7.5
7.5
2017-03-17 CVE-2014-8701 Information Exposure vulnerability in Wondercms 2014
Wonder CMS 2014 allows remote attackers to obtain sensitive information by viewing /files/password, which reveals the unsalted MD5 hashed password.
network
low complexity
wondercms CWE-200
7.5
7.5
2017-03-17 CVE-2017-6967 Improper Authentication vulnerability in Neutrinolabs Xrdp 0.9.1
xrdp 0.9.1 calls the PAM function auth_start_session() in an incorrect location, leading to PAM session modules not being properly initialized, with a potential consequence of incorrect configurations or elevation of privileges, aka a pam_limits.so bypass.
network
low complexity
neutrinolabs CWE-287
7.3
7.3
2017-03-17 CVE-2017-6962 Integer Overflow or Wraparound vulnerability in Apng2Gif Project Apng2Gif 1.7
An issue was discovered in apng2gif 1.7.
network
low complexity
apng2gif-project CWE-190
7.5
7.5
2017-03-17 CVE-2017-6960 Integer Overflow or Wraparound vulnerability in multiple products
An issue was discovered in apng2gif 1.7.
network
low complexity
apng2gif-project debian canonical CWE-190
7.5
7.5
2017-03-17 CVE-2017-0151 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers.
network
high complexity
microsoft CWE-119
7.5
7.5
2017-03-17 CVE-2017-0150 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers.
network
high complexity
microsoft CWE-119
7.5
7.5
2017-03-17 CVE-2017-0149 Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11/9
Microsoft Internet Explorer 9 through 11 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0018 and CVE-2017-0037.
network
low complexity
microsoft CWE-787
8.8
8.8