Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-27 | CVE-2017-1105 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM products IBM DB2 for Linux, UNIX and Windows 9.2, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) is vulnerable to a buffer overflow that could allow a local user to overwrite DB2 files or cause a denial of service. | 7.1 |
| 2017-06-27 | CVE-2016-9738 | 7PK - Security Features vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.2 and 7.3 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. | 7.5 |
| 2017-06-27 | CVE-2017-2843 | OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 In the web management interface in Foscam C1 Indoor HD Camera running application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting in command execution. | 8.8 |
| 2017-06-27 | CVE-2017-2842 | OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 In the web management interface in Foscam C1 Indoor HD Camera running application firmware 2.52.2.37, a specially crafted HTTP request can allow for a user to inject arbitrary data in the "msmtprc" configuration file resulting in command execution. | 8.8 |
| 2017-06-27 | CVE-2017-2841 | OS Command Injection vulnerability in Foscam C1 Indoor HD Camera Firmware 2.52.2.37 An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. | 8.8 |
| 2017-06-27 | CVE-2017-7524 | Insufficiently Protected Credentials vulnerability in Tpm2-Tools Project Tpm2.0-Tools 1.1.0 tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password in plaintext from client to server when generating HMAC. | 7.5 |
| 2017-06-27 | CVE-2017-7520 | Out-of-bounds Read vulnerability in Openvpn OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service and/or possibly sensitive memory leak triggered by man-in-the-middle attacker. | 7.4 |
| 2017-06-27 | CVE-2017-7508 | Reachable Assertion vulnerability in Openvpn OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when receiving malformed IPv6 packet. | 7.5 |
| 2017-06-26 | CVE-2017-9953 | Use After Free vulnerability in multiple products There is an invalid free in Image::printIFDStructure that leads to a Segmentation fault in Exiv2 0.26. | 7.5 |
| 2017-06-26 | CVE-2017-7458 | NULL Pointer Dereference vulnerability in Ntop Ntopng The NetworkInterface::getHost function in NetworkInterface.cpp in ntopng before 3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty field that should have contained a hostname or IP address. | 7.5 |