Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-21 | CVE-2016-0720 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149. | 8.8 |
| 2017-04-21 | CVE-2016-4846 | Untrusted Search Path vulnerability in Securebrain Phishwall Client 3.7.8.1 Untrusted search path vulnerability in the installer of PhishWall Client Internet Explorer before 3.7.8.2. | 7.8 |
| 2017-04-21 | CVE-2016-1148 | Improper Certificate Validation vulnerability in Photosynth Akerun 1.2.3 Akerun - Smart Lock Robot App for iOS before 1.2.4 does not verify SSL certificates. | 8.1 |
| 2017-04-21 | CVE-2016-0833 | Unspecified vulnerability in Google Android Android allows users to cause a denial of service. | 7.5 |
| 2017-04-21 | CVE-2017-7951 | Cross-Site Request Forgery (CSRF) vulnerability in Wondercms WonderCMS before 2.0.3 has CSRF because of lack of a token in an unspecified context. | 8.8 |
| 2017-04-21 | CVE-2017-7220 | Improper Input Validation vulnerability in Opentext Documentum Content Server OpenText Documentum Content Server allows superuser access via sys_obj_save or save of a crafted object, followed by an unauthorized "UPDATE dm_dbo.dm_user_s SET user_privileges=16" command, aka an "RPC save-commands" attack. | 8.8 |
| 2017-04-21 | CVE-2017-7990 | Cross-Site Request Forgery (CSRF) vulnerability in Openmrs Module Reporting 1.12.0 The Reporting Module 1.12.0 for OpenMRS allows CSRF attacks with resultant XSS, in which administrative authentication is hijacked to insert JavaScript into a name field in webapp/reports/manageReports.jsp. | 8.8 |
| 2017-04-20 | CVE-2017-6619 | Improper Input Validation vulnerability in Cisco Integrated Management Controller Supervisor 3.0(1C) A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to execute arbitrary commands on an affected system. | 8.8 |
| 2017-04-20 | CVE-2017-6616 | Improper Input Validation vulnerability in Cisco Integrated Management Controller Supervisor 3.0(1C) A vulnerability in the web-based GUI of Cisco Integrated Management Controller (IMC) 3.0(1c) could allow an authenticated, remote attacker to execute arbitrary code on an affected system. | 8.8 |
| 2017-04-20 | CVE-2017-6610 | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the Internet Key Exchange Version 1 (IKEv1) XAUTH code of Cisco ASA Software could allow an authenticated, remote attacker to cause a reload of an affected system. | 7.7 |