Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-08-30 CVE-2017-13774 Information Exposure vulnerability in Hikvision Ivms-4200 2.6.2.6
Hikvision iVMS-4200 devices before v2.6.2.7 allow local users to generate password-recovery codes via unspecified vectors.
local
low complexity
hikvision CWE-200
7.8
7.8
2017-08-30 CVE-2017-13767 Infinite Loop vulnerability in Wireshark
In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the MSDP dissector could go into an infinite loop.
network
low complexity
wireshark CWE-835
7.5
7.5
2017-08-30 CVE-2017-13766 Out-of-bounds Write vulnerability in Wireshark
In Wireshark 2.4.0 and 2.2.0 to 2.2.8, the Profinet I/O dissector could crash with an out-of-bounds write.
network
low complexity
wireshark CWE-787
7.5
7.5
2017-08-30 CVE-2017-13765 Out-of-bounds Read vulnerability in multiple products
In Wireshark 2.4.0, 2.2.0 to 2.2.8, and 2.0.0 to 2.0.14, the IrCOMM dissector has a buffer over-read and application crash.
network
low complexity
wireshark debian CWE-125
7.5
7.5
2017-08-30 CVE-2017-13764 NULL Pointer Dereference vulnerability in Wireshark 2.4.0
In Wireshark 2.4.0, the Modbus dissector could crash with a NULL pointer dereference.
network
low complexity
wireshark CWE-476
7.5
7.5
2017-08-30 CVE-2017-13763 Allocation of Resources Without Limits or Throttling vulnerability in Onosproject Onos 1.10.0/1.8.0/1.9.0
ONOS versions 1.8.0, 1.9.0, and 1.10.0 do not restrict the amount of memory allocated.
network
low complexity
onosproject CWE-770
7.5
7.5
2017-08-29 CVE-2017-0379 Information Exposure vulnerability in multiple products
Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c.
network
low complexity
gnupg debian CWE-200
7.5
7.5
2017-08-29 CVE-2017-3154 Information Exposure vulnerability in Apache Atlas 0.6.0/0.7.0
Error responses from Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating included stack trace, exposing excessive information.
network
low complexity
apache CWE-200
7.5
7.5
2017-08-29 CVE-2016-8752 Improper Access Control vulnerability in Apache Atlas 0.6.0/0.7.0/0.7.1
Apache Atlas versions 0.6.0 (incubating), 0.7.0 (incubating), and 0.7.1 (incubating) allow access to the webapp directory contents by pointing to URIs like /js and /img.
network
low complexity
apache CWE-284
7.5
7.5
2017-08-29 CVE-2014-9497 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mpg123
Buffer overflow in mpg123 before 1.18.0.
network
low complexity
mpg123 CWE-119
7.5
7.5