Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-10-28 | CVE-2016-8333 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Iceni Argus 6.6.04 An exploitable stack-based buffer overflow vulnerability exists in the ipfSetColourStroke functionality of Iceni Argus version 6.6.04 A specially crafted pdf file can cause a buffer overflow resulting in arbitrary code execution. | 7.8 |
| 2016-10-28 | CVE-2016-8331 | Unspecified vulnerability in Libtiff 4.0.6 An exploitable remote code execution vulnerability exists in the handling of TIFF images in LibTIFF version 4.0.6. | 8.1 |
| 2016-10-28 | CVE-2016-9028 | 7PK - Security Features vulnerability in Citrix Netscaler Application Delivery Controller Firmware Unauthorized redirect vulnerability in Citrix NetScaler ADC before 10.1 135.8, 10.5 61.11, 11.0 65.31/65.35F and 11.1 47.14 allows a remote attacker to steal session cookies of a legitimate AAA user via manipulation of Host header. | 8.8 |
| 2016-10-28 | CVE-2016-9017 | Out-of-bounds Read vulnerability in Artifex Mujs Artifex Software, Inc. | 7.5 |
| 2016-10-28 | CVE-2016-8867 | Permissions, Privileges, and Access Controls vulnerability in Docker 1.12.2 Docker Engine 1.12.2 enabled ambient capabilities with misconfigured capability policies. | 7.5 |
| 2016-10-28 | CVE-2016-8600 | 7PK - Security Features vulnerability in Dotcms 3.2.1 In dotCMS 3.2.1, attacker can load captcha once, fill it with correct value and then this correct value is ok for forms with captcha check later. | 7.5 |
| 2016-10-28 | CVE-2016-7919 | SQL Injection vulnerability in Moodle 3.1.2 Moodle 3.1.2 allows remote attackers to obtain sensitive information via unspecified vectors, related to a "SQL Injection" issue affecting the Administration panel function in the installation process component. | 7.5 |
| 2016-10-28 | CVE-2016-8332 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Uclouvain Openjpeg 2.1.1 A buffer overflow in OpenJPEG 2.1.1 causes arbitrary code execution when parsing a crafted image. | 7.8 |
| 2016-10-28 | CVE-2016-6372 | Improper Input Validation vulnerability in Cisco Email Security Appliance and web Security Appliance A vulnerability in the email message and content filtering for malformed Multipurpose Internet Mail Extensions (MIME) headers of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to bypass the filtering functionality of the targeted device. | 7.5 |
| 2016-10-28 | CVE-2016-6360 | Improper Input Validation vulnerability in Cisco Email Security Appliance and web Security Appliance A vulnerability in Advanced Malware Protection (AMP) for Cisco Email Security Appliances (ESA) and Web Security Appliances (WSA) could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition due to the AMP process unexpectedly restarting. | 7.5 |