Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-07-25 CVE-2016-7539 Resource Management Errors vulnerability in Imagemagick
Memory leak in AcquireVirtualMemory in ImageMagick before 7 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
network
low complexity
imagemagick CWE-399
7.5
2017-07-25 CVE-2015-7543 Race Condition vulnerability in multiple products
aRts 1.5.10 and kdelibs3 3.5.10 and earlier do not properly create temporary directories, which allows local users to hijack the IPC by pre-creating the temporary directory.
local
high complexity
kde artsproject CWE-362
7.0
2017-07-25 CVE-2017-11499 Improper Input Validation vulnerability in Nodejs Node.Js
Node.js v4.0 through v4.8.3, all versions of v5.x, v6.0 through v6.11.0, v7.0 through v7.10.0, and v8.0 through v8.1.3 was susceptible to hash flooding remote DoS attacks as the HashTable seed was constant across a given released version of Node.js.
network
low complexity
nodejs CWE-20
7.5
2017-07-25 CVE-2017-8035 Information Exposure vulnerability in Cloudfoundry Capi-Release and Cf-Release
An issue was discovered in the Cloud Controller API in Cloud Foundry Foundation CAPI-release versions after v1.6.0 and prior to v1.35.0 and cf-release versions after v244 and prior to v268.
network
low complexity
cloudfoundry CWE-200
7.5
2017-07-25 CVE-2017-8033 Path Traversal vulnerability in Cloudfoundry Capi-Release and Cf-Release
An issue was discovered in the Cloud Controller API in Cloud Foundry Foundation CAPI-release versions prior to v1.35.0 and cf-release versions prior to v268.
local
low complexity
cloudfoundry CWE-22
7.8
2017-07-25 CVE-2017-7541 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet.
local
low complexity
linux CWE-119
7.8
2017-07-25 CVE-2015-2280 OS Command Injection vulnerability in Airlink101 Skyipcam1620W Wireless N Mpeg4 3Gpp Firmware 1.1.01220120709
snwrite.cgi in AirLink101 SkyIPCam1620W Wireless N MPEG4 3GPP network camera with firmware FW_AIC1620W_1.1.0-12_20120709_r1192.pck allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the mac parameter.
network
low complexity
airlink101 CWE-78
8.8
2017-07-25 CVE-2015-1847 Path Traversal vulnerability in Appserver
Directory traversal vulnerability in the web request/response interface in Appserver before 1.0.3 allows remote attackers to read normally inaccessible files via a ..
network
low complexity
appserver CWE-22
7.5
2017-07-24 CVE-2017-1382 Incorrect Default Permissions vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 might create files using the default permissions instead of the customized permissions when custom startup scripts are used.
local
low complexity
ibm CWE-276
7.1
2017-07-24 CVE-2017-9553 Unspecified vulnerability in Synology Diskstation Manager
A design flaw in SYNO.API.Encryption in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to bypass the encryption protection mechanism via the crafted version parameter.
network
low complexity
synology
7.5