Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-06-06 | CVE-2017-9462 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name. | 8.8 |
2017-06-06 | CVE-2016-0768 | Improper Access Control vulnerability in Postgresql PostgreSQL PL/Java after 9.0 does not honor access controls on large objects. | 7.5 |
2017-06-06 | CVE-2017-5243 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Rapid7 Nexpose The default SSH configuration in Rapid7 Nexpose hardware appliances shipped before June 2017 does not specify desired algorithms for key exchange and other important functions. | 8.5 |
2017-06-06 | CVE-2017-9449 | SQL Injection vulnerability in Bigtreecms Bigtree CMS SQL injection vulnerability in BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary SQL commands via core/admin/modules/developer/modules/views/create.php. | 8.8 |
2017-06-06 | CVE-2017-5664 | Improper Handling of Exceptional Conditions vulnerability in Apache Tomcat The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. | 7.5 |
2017-06-06 | CVE-2016-10297 | Race Condition vulnerability in Google Android In TrustZone in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist. | 7.0 |
2017-06-06 | CVE-2015-9007 | Double Free vulnerability in Google Android In TrustZone in all Android releases from CAF using the Linux kernel, a Double Free vulnerability could potentially exist. | 7.8 |
2017-06-06 | CVE-2015-9006 | Improper Access Control vulnerability in Google Android In Resource Power Manager (RPM) in all Android releases from CAF using the Linux kernel, an Improper Access Control vulnerability could potentially exist. | 7.8 |
2017-06-06 | CVE-2015-9005 | Integer Overflow or Wraparound vulnerability in Google Android In TrustZone in all Android releases from CAF using the Linux kernel, an Integer Overflow to Buffer Overflow vulnerability could potentially exist. | 7.8 |
2017-06-06 | CVE-2014-9952 | Improper Authentication vulnerability in Google Android In the Secure File System in all Android releases from CAF using the Linux kernel, a capture-replay vulnerability could potentially exist. | 7.8 |