Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-14 | CVE-2017-1205 | Unspecified vulnerability in IBM Spectrum LSF IBM Platform LSF 10.1 contains an unspecified vulnerability that could allow a local user to escalate their privileges and obtain root access. | 8.8 |
| 2017-04-14 | CVE-2015-6568 | Improper Input Validation vulnerability in Wolfcms Wolf CMS Wolf CMS before 0.8.3.1 allows unrestricted file rename and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the filemanager) does not prevent a change of a file extension to ".php" after originally using the parameter "filename" for uploading a JPEG image. | 8.8 |
| 2017-04-14 | CVE-2015-6567 | Improper Input Validation vulnerability in Wolfcms Wolf CMS Wolf CMS before 0.8.3.1 allows unrestricted file upload and PHP Code Execution because admin/plugin/file_manager/browse/ (aka the filemanager) does not validate the parameter "filename" properly. | 8.8 |
| 2017-04-14 | CVE-2017-7643 | Unspecified vulnerability in Proxifier Proxifier for Mac before 2.19 allows local users to gain privileges via the first parameter to the KLoader setuid program. | 7.8 |
| 2017-04-14 | CVE-2017-7456 | Improper Input Validation vulnerability in Moxa Mxview 2.8 Moxa MXView 2.8 allows remote attackers to cause a Denial of Service by sending overly long junk payload for the MXView client login credentials. | 7.5 |
| 2017-04-14 | CVE-2017-7455 | Information Exposure vulnerability in Moxa Mxview 2.8 Moxa MXView 2.8 allows remote attackers to read web server's private key file, no access control. | 7.5 |
| 2017-04-14 | CVE-2017-7408 | Improper Input Validation vulnerability in Paloaltonetworks Traps 3.4.3 Palo Alto Networks Traps ESM Console before 3.4.4 allows attackers to cause a denial of service by leveraging improper validation of requests to revoke a Traps agent license. | 7.5 |
| 2017-04-14 | CVE-2017-7218 | Improper Input Validation vulnerability in Paloaltonetworks Pan-Os The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to gain privileges via unspecified request parameters. | 7.8 |
| 2017-04-14 | CVE-2015-8356 | SQL Injection vulnerability in Bitrix Project Bitrix 6.5.2 Multiple SQL injection vulnerabilities in the mcart.xls module 6.5.2 and earlier for Bitrix allow remote authenticated users to execute arbitrary SQL commands via the (1) xls_profile parameter to admin/mcart_xls_import.php or the (2) xls_iblock_id, (3) xls_iblock_section_id, (4) firstRow, (5) titleRow, (6) firstColumn, (7) highestColumn, (8) sku_iblock_id, or (9) xls_iblock_section_id_new parameter to admin/mcart_xls_import_step_2.php. | 8.0 |
| 2017-04-14 | CVE-2017-7869 | Out-of-bounds Write vulnerability in GNU Gnutls GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. | 7.5 |