Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-27 | CVE-2017-7524 | Insufficiently Protected Credentials vulnerability in Tpm2-Tools Project Tpm2.0-Tools 1.1.0 tpm2-tools versions before 1.1.1 are vulnerable to a password leak due to transmitting password in plaintext from client to server when generating HMAC. | 7.5 |
| 2017-06-27 | CVE-2017-7520 | Out-of-bounds Read vulnerability in Openvpn OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service and/or possibly sensitive memory leak triggered by man-in-the-middle attacker. | 7.4 |
| 2017-06-27 | CVE-2017-7508 | Reachable Assertion vulnerability in Openvpn OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when receiving malformed IPv6 packet. | 7.5 |
| 2017-06-26 | CVE-2017-9953 | Use After Free vulnerability in multiple products There is an invalid free in Image::printIFDStructure that leads to a Segmentation fault in Exiv2 0.26. | 7.5 |
| 2017-06-26 | CVE-2017-7458 | NULL Pointer Dereference vulnerability in Ntop Ntopng The NetworkInterface::getHost function in NetworkInterface.cpp in ntopng before 3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty field that should have contained a hostname or IP address. | 7.5 |
| 2017-06-26 | CVE-2017-6324 | Unspecified vulnerability in Symantec Messaging Gateway The Symantec Messaging Gateway, when processing a specific email attachment, can allow a malformed or corrupted Word file with a potentially malicious macro through despite the administrator having the 'disarm' functionality enabled. | 7.3 |
| 2017-06-26 | CVE-2017-9949 | Out-of-bounds Write vulnerability in Radare Radare2 1.5.0 The grub_memmove function in shlr/grub/kern/misc.c in radare2 1.5.0 allows remote attackers to cause a denial of service (stack-based buffer underflow and application crash) or possibly have unspecified other impact via a crafted binary file, possibly related to a buffer underflow in fs/ext2.c in GNU GRUB 2.02. | 7.8 |
| 2017-06-26 | CVE-2016-8493 | Permissions, Privileges, and Access Controls vulnerability in Fortinet Forticlient 5.4.1/5.4.2 In FortiClientWindows 5.4.1 and 5.4.2, an attacker may escalate privilege via a FortiClientNamedPipe vulnerability. | 8.8 |
| 2017-06-26 | CVE-2015-3315 | Link Following vulnerability in Redhat Automatic BUG Reporting Tool Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp/jvm-*/hs_error.log, (3) /proc/*/exe, (4) /etc/os-release in a chroot, or (5) an unspecified root directory related to librpm. | 7.8 |
| 2017-06-26 | CVE-2015-3215 | Improper Input Validation vulnerability in Redhat Virtio-Win The NetKVM Windows Virtio driver allows remote attackers to cause a denial of service (guest crash) via a crafted length value in an IP packet, as demonstrated by a value that does not account for the size of the IP options. | 7.5 |