Vulnerabilities > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2017-07-17 | CVE-2017-1000363 | Out-of-bounds Write vulnerability in multiple products | Linux drivers/char/lp.c Out-of-Bounds Write. | local | low | linux, debian | CWE-787 | 7.8 |
| 2017-07-17 | CVE-2017-1000080 | Unspecified vulnerability in Onosproject Onos 1.8.0/1.9.0 | Linux foundation ONOS 1.9.0 allows unauthenticated use of websockets. | network | low | onosproject | | 7.5 |
| 2017-07-17 | CVE-2017-1000079 | Unspecified vulnerability in Onosproject Onos 1.8.0/1.9.0 | Linux foundation ONOS 1.9.0 is vulnerable to a DoS. | network | low | onosproject | | 7.5 |
| 2017-07-17 | CVE-2017-1000071 | Improper Authentication vulnerability in Apereo PHPcas 1.3.4 | Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass in the validateCAS20 function when configured to authenticate against an old CAS server. | network | high | apereo | CWE-287 | 8.1 |
| 2017-07-17 | CVE-2017-1000069 | Cross-Site Request Forgery (CSRF) vulnerability in Oauth2 Proxy Project Oauth2 Proxy 2.1 | CSRF in Bitly oauth2_proxy 2.1 during authentication flow | network | low | oauth2-proxy-project | CWE-352 | 8.8 |
| 2017-07-17 | CVE-2017-1000068 | Improper Authentication vulnerability in Betterment Testtrack 1.0 | TestTrack Server versions 1.0 and earlier are vulnerable to an authentication flaw in the split disablement feature resulting in the ability to disable arbitrary running splits and cause denial of service to clients in the field. | network | low | betterment | CWE-287 | 7.5 |
| 2017-07-17 | CVE-2017-1000067 | SQL Injection vulnerability in Modx Revolution | MODX Revolution version 2.x - 2.5.6 is vulnerable to blind SQL injection caused by improper sanitization by the escape method resulting in authenticated user accessing database and possibly escalating privileges. | network | low | modx | CWE-89 | 8.8 |
| 2017-07-17 | CVE-2017-1000066 | Unspecified vulnerability in Keepass 1.32 | The entry details view function in KeePass version 1.32 inadvertently decrypts certain database entries into memory, which may result in the disclosure of sensitive information. | network | low | keepass | | 7.5 |
| 2017-07-17 | CVE-2017-1000064 | Resource Exhaustion vulnerability in Kitto Project Kitto 0.5.1 | kittoframework kitto version 0.5.1 is vulnerable to memory exhaustion in the router resulting in DoS | network | low | kitto-project | CWE-400 | 7.5 |
| 2017-07-17 | CVE-2017-1000062 | Path Traversal vulnerability in Kitto Project Kitto 0.5.1 | kittoframework kitto 0.5.1 is vulnerable to directory traversal in the router resulting in remote code execution | network | low | kitto-project | CWE-22 | 7.5 |