Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-05-23 CVE-2017-9159 Out-of-bounds Write vulnerability in Autotrace Project Autotrace 0.31.1
libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_rawpbm function in input-pnm.c:391:15.
network
low complexity
autotrace-project CWE-787
7.5
7.5
2017-05-23 CVE-2017-9158 Out-of-bounds Write vulnerability in Autotrace Project Autotrace 0.31.1
libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_raw function in input-pnm.c:336:11.
network
low complexity
autotrace-project CWE-787
7.5
7.5
2017-05-23 CVE-2017-9157 Out-of-bounds Write vulnerability in Autotrace Project Autotrace 0.31.1
libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_ascii function in input-pnm.c:306:14.
network
low complexity
autotrace-project CWE-787
7.5
7.5
2017-05-23 CVE-2017-9156 Out-of-bounds Write vulnerability in Autotrace Project Autotrace 0.31.1
libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the pnm_load_ascii function in input-pnm.c:303:12.
network
low complexity
autotrace-project CWE-787
7.5
7.5
2017-05-23 CVE-2017-9155 Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1
libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the input_pnm_reader function in input-pnm.c:243:3.
network
low complexity
autotrace-project CWE-125
7.5
7.5
2017-05-23 CVE-2017-9154 Out-of-bounds Read vulnerability in Autotrace Project Autotrace 0.31.1
libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid read and SEGV), related to the GET_COLOR function in color.c:16:11.
network
low complexity
autotrace-project CWE-125
7.5
7.5
2017-05-23 CVE-2017-8915 Reachable Assertion vulnerability in SAP Hana XS 1.00/2.00
sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers to cause a denial of service (assertion failure and service crash) by pushing a package with a filename containing a $ (dollar sign) or % (percent) character, aka SAP Security Note 2407694.
network
low complexity
sap CWE-617
7.5
7.5
2017-05-23 CVE-2017-8914 Unspecified vulnerability in SAP Hana XS 1.00/2.00
sinopia, as used in SAP HANA XS 1.00 and 2.00, allows remote attackers to hijack npm packages or host arbitrary files by leveraging an insecure user creation policy, aka SAP Security Note 2407694.
network
low complexity
sap
8.3
8.3
2017-05-23 CVE-2017-8913 XXE vulnerability in SAP Netweaver Application Server Java 7.50
The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via a crafted XML document in a request to irj/servlet/prt/portal/prtroot/com.sap.visualcomposer.BIKit.default, aka SAP Security Note 2386873.
network
low complexity
sap CWE-611
8.8
8.8
2017-05-23 CVE-2017-8309 Missing Release of Resource after Effective Lifetime vulnerability in multiple products
Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture.
network
low complexity
qemu debian redhat CWE-772
7.5
7.5