Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-02 | CVE-2017-9343 | NULL Pointer Dereference vulnerability in Wireshark In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the MSNIP dissector misuses a NULL pointer. | 7.5 |
| 2017-06-01 | CVE-2017-8386 | git-shell in git before 2.4.12, 2.5.x before 2.5.6, 2.6.x before 2.6.7, 2.7.x before 2.7.5, 2.8.x before 2.8.5, 2.9.x before 2.9.4, 2.10.x before 2.10.3, 2.11.x before 2.11.2, and 2.12.x before 2.12.3 might allow remote authenticated users to gain privileges via a repository name that starts with a - (dash) character. | 8.8 |
| 2017-06-01 | CVE-2015-6531 | Code Injection vulnerability in Paloaltonetworks Pan-Os Palo Alto Networks Panorama VM Appliance with PAN-OS before 6.0.1 might allow remote attackers to execute arbitrary Python code via a crafted firmware image file. | 7.8 |
| 2017-06-01 | CVE-2017-9334 | Improper Input Validation vulnerability in Call-Cc Chicken An incorrect "pair?" check in the Scheme "length" procedure results in an unsafe pointer dereference in all CHICKEN Scheme versions prior to 4.13, which allows an attacker to cause a denial of service by passing an improper list to an application that calls "length" on it. | 7.5 |
| 2017-05-31 | CVE-2017-9304 | Uncontrolled Recursion vulnerability in Virustotal Yara 3.5.0 libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption) via a crafted rule that is mishandled in the _yr_re_emit function. | 7.5 |
| 2017-05-31 | CVE-2017-8402 | Code Injection vulnerability in Pivotx 2.3.11 PivotX 2.3.11 allows remote authenticated users to execute arbitrary PHP code via vectors involving an upload of a .htaccess file. | 8.8 |
| 2017-05-30 | CVE-2017-7502 | NULL Pointer Dereference vulnerability in Mozilla Network Security Services Null pointer dereference vulnerability in NSS since 3.24.0 was found when server receives empty SSLv2 messages resulting into denial of service by remote attacker. | 7.5 |
| 2017-05-30 | CVE-2017-2306 | Incorrect Authorization vulnerability in Juniper Junos Space On Juniper Networks Junos Space versions prior to 16.1R1, due to an insufficient authorization check, readonly users on the Junos Space administrative web interface can execute code on the device. | 8.8 |
| 2017-05-30 | CVE-2017-2305 | Incorrect Authorization vulnerability in Juniper Junos Space On Juniper Networks Junos Space versions prior to 16.1R1, due to an insufficient authorization check, readonly users on the Junos Space administrative web interface can create privileged users, allowing privilege escalation. | 8.8 |
| 2017-05-30 | CVE-2017-2304 | Information Exposure vulnerability in Juniper Junos 14.1X53/15.1/15.1X53 Juniper Networks QFX3500, QFX3600, QFX5100, QFX5200, EX4300 and EX4600 devices running Junos OS 14.1X53 prior to 14.1X53-D40, 15.1X53 prior to 15.1X53-D40, 15.1 prior to 15.1R2, do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets. | 7.5 |