Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-23 | CVE-2016-9842 | The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers. | 8.8 |
| 2017-05-23 | CVE-2016-9840 | inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic. | 8.8 |
| 2017-05-23 | CVE-2016-5735 | Integer Overflow or Wraparound vulnerability in Pngquant 2.7.0 Integer overflow in the rwpng_read_image24_libpng function in rwpng.c in pngquant 2.7.0 allows remote attackers to have unspecified impact via a crafted PNG file, which triggers a buffer overflow. | 7.8 |
| 2017-05-23 | CVE-2016-5177 | Use After Free vulnerability in multiple products Use-after-free vulnerability in V8 in Google Chrome before 53.0.2785.143 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via unknown vectors. | 8.8 |
| 2017-05-23 | CVE-2016-1876 | Permissions, Privileges, and Access Controls vulnerability in Lenovo Solution Center 3.3.0001 The backend service process in Lenovo Solution Center (aka LSC) before 3.3.0002 allows local users to gain SYSTEM privileges via unspecified vectors. | 7.8 |
| 2017-05-23 | CVE-2016-10073 | Information Exposure vulnerability in Vanillaforums Vanilla The from method in library/core/class.email.php in Vanilla Forums before 2.3.1 allows remote attackers to spoof the email domain in sent messages and potentially obtain sensitive information via a crafted HTTP Host header, as demonstrated by a password reset request. | 7.5 |
| 2017-05-23 | CVE-2015-8089 | Permissions, Privileges, and Access Controls vulnerability in Huawei P7-L00 Firmware, P7-L05 Firmware and P7-L09 Firmware The GPU driver in Huawei P7 phones with software P7-L00 before P7-L00C17B851, P7-L05 before P7-L05C00B851, and P7-L09 before P7-L09C92B851 allows local users to read or write to arbitrary kernel memory locations and consequently cause a denial of service (system crash) or gain privileges via a crafted application. | 7.8 |
| 2017-05-23 | CVE-2015-6817 | Improper Authentication vulnerability in Pgbouncer 1.6 PgBouncer 1.6.x before 1.6.1, when configured with auth_user, allows remote attackers to gain login access as auth_user via an unknown username. | 8.1 |
| 2017-05-23 | CVE-2015-6586 | Information Exposure vulnerability in Huawei products The mDNS module in Huawei WLAN AC6005, AC6605, and ACU2 devices with software before V200R006C00SPC100 allows remote attackers to obtain sensitive information by leveraging failure to restrict processing of mDNS unicast queries to the link local network. | 7.5 |
| 2017-05-23 | CVE-2015-5682 | Permissions, Privileges, and Access Controls vulnerability in Powerplay Gallery Project Powerplay Gallery 3.3 upload.php in the Powerplay Gallery plugin 3.3 for WordPress allows remote attackers to create arbitrary directories via vectors related to the targetDir variable. | 7.5 |