Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-06-23 CVE-2017-1347 SQL Injection vulnerability in IBM Sterling B2B Integrator 5.2
IBM Sterling B2B Integrator Standard Edition 5.2 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
8.8
2017-06-22 CVE-2017-9776 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflow leading to a heap buffer overflow in JBIG2Stream.cc in pdftocairo in Poppler before 0.56 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.
local
low complexity
freedesktop debian redhat CWE-190
7.8
2017-06-22 CVE-2017-0897 Insufficient Entropy vulnerability in ExpressionEngine
ExpressionEngine version 2.x < 2.11.8 and version 3.x < 3.5.5 create an object signing token with weak entropy.
network
low complexity
expressionengine CWE-331
7.5
2017-06-22 CVE-2017-0176 Classic Buffer Overflow vulnerability in Microsoft Windows Server 2003 and Windows XP
A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote attacker to execute arbitrary code on the target computer, provided that the computer is joined to a Windows domain and has Remote Desktop Protocol connectivity (or Terminal Services) enabled.
network
high complexity
microsoft CWE-120
8.1
2017-06-22 CVE-2017-3629 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Oracle Solaris 10/11
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel).
local
low complexity
oracle CWE-119
7.8
2017-06-21 CVE-2017-4988 Unspecified vulnerability in EMC Isilon OneFS
EMC Isilon OneFS 8.0.1.0, 8.0.0 - 8.0.0.3, 7.2.0 - 7.2.1.4, 7.1.x is affected by a privilege escalation vulnerability that could potentially be exploited by attackers to compromise the affected system.
network
low complexity
emc
7.2
2017-06-21 CVE-2017-3219 Insufficient Verification of Data Authenticity vulnerability in Acronis True Image 2016/2017
Acronis True Image up to and including version 2017 Build 8053 performs software updates using HTTP.
low complexity
acronis CWE-345
8.8
2017-06-21 CVE-2017-3218 Insufficient Verification of Data Authenticity vulnerability in Samsung Magician 5.0
Samsung Magician 5.0 fails to validate TLS certificates for HTTPS software update traffic.
low complexity
samsung CWE-345
8.8
2017-06-21 CVE-2016-7508 SQL Injection vulnerability in GLPI-Project GLPI 0.90.4
Multiple SQL injection vulnerabilities in GLPI 0.90.4 allow an authenticated remote attacker to execute arbitrary SQL commands by using a certain character when the database is configured to use Big5 Asian encoding.
network
high complexity
glpi-project CWE-89
7.5
2017-06-21 CVE-2017-7922 Improper Privilege Management vulnerability in Cambium Networks products
An Improper Privilege Management issue was discovered in Cambium Networks ePMP.
network
low complexity
cambium-networks CWE-269
7.6