Vulnerabilities > High

| Date | CVE | Vulnerability title | Description | Vendor(s) | CWE | Risk: attack vector | Risk: complexity | Risk: score |
|---|---|---|---|---|---|---|---|---|
| 2017-03-03 | CVE-2016-10205 | Session Fixation vulnerability in ZoneMinder | Session fixation vulnerability in ZoneMinder 1.30 and earlier allows remote attackers to hijack web sessions via the ZMSESSID cookie. | zoneminder | CWE-384 | network | low | 7.3 |
| 2017-03-02 | CVE-2017-6104 | Incorrect Permission Assignment for Critical Resource vulnerability in ZEN Mobile APP Native Project ZEN Mobile APP Native 3.0 | Remote file upload vulnerability in WordPress Plugin Mobile App Native 3.0. | zen-mobile-app-native-project | CWE-732 | network | low | 7.5 |
| 2017-03-02 | CVE-2016-10067 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in ImageMagick | magick/memory.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via vectors involving "too many exceptions," which trigger a buffer overflow. | imagemagick | CWE-119 | network | low | 7.5 |
| 2017-03-02 | CVE-2016-10064 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products | Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file. | imagemagick, opensuse | CWE-119 | local | low | 7.8 |
| 2017-03-02 | CVE-2016-10063 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in ImageMagick | Buffer overflow in coders/tiff.c in ImageMagick before 6.9.5-1 allows remote attackers to cause a denial of service (application crash) or have other unspecified impact via a crafted file, related to extend validity. | imagemagick | CWE-119 | local | low | 7.8 |
| 2017-03-02 | CVE-2017-5235 | Untrusted Search Path vulnerability in Rapid7 Metasploit 4.11.7/4.12.40/4.13.0 | Rapid7 Metasploit Pro installers prior to version 4.13.0-2017022101 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | rapid7 | CWE-426 | local | low | 7.8 |
| 2017-03-02 | CVE-2017-5234 | Untrusted Search Path vulnerability in Rapid7 Insight Collector 1.0.15 | Rapid7 Insight Collector installers prior to version 1.0.16 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | rapid7 | CWE-426 | local | low | 7.8 |
| 2017-03-02 | CVE-2017-5233 | Untrusted Search Path vulnerability in Rapid7 AppSpider Pro | Rapid7 AppSpider Pro installers prior to version 6.14.053 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | rapid7 | CWE-426 | local | low | 7.8 |
| 2017-03-02 | CVE-2017-5232 | Untrusted Search Path vulnerability in Rapid7 Nexpose | All editions of Rapid7 Nexpose installers prior to version 6.4.24 contain a DLL preloading vulnerability, wherein it is possible for the installer to load a malicious DLL located in the current working directory of the installer. | rapid7 | CWE-426 | local | low | 7.8 |
| 2017-03-02 | CVE-2017-5231 | Path Traversal vulnerability in Rapid7 Metasploit | All editions of Rapid7 Metasploit prior to version 4.13.0-2017020701 contain a directory traversal vulnerability in the Meterpreter stdapi CommandDispatcher.cmd_download() function. | rapid7 | CWE-22 | network | high | 7.1 |