Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-23 | CVE-2015-5469 | Path Traversal vulnerability in MDC Youtube Downloader Project MDC Youtube Downloader 2.1.0 Absolute path traversal vulnerability in the MDC YouTube Downloader plugin 2.1.0 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter to includes/download.php. | 7.5 |
| 2017-05-23 | CVE-2015-5468 | Path Traversal vulnerability in Wpshopstyling WP E-Commerce Shop Styling 2.5 Directory traversal vulnerability in the WP e-Commerce Shop Styling plugin before 2.6 for WordPress allows remote attackers to read arbitrary files via a .. | 7.5 |
| 2017-05-23 | CVE-2015-5401 | Improper Input Validation vulnerability in Teradata Express and Teradata Gateway Teradata Gateway before 15.00.03.02-1 and 15.10.x before 15.10.00.01-1 and TD Express before 15.00.02.08_Sles10 and 15.00.02.08_Sles11 allow remote attackers to cause a denial of service (database crash) via a malformed CONFIG REQUEST message. | 7.5 |
| 2017-05-23 | CVE-2015-5383 | Information Exposure vulnerability in Roundcube Webmail and Webmail Roundcube Webmail 1.1.x before 1.1.2 allows remote attackers to obtain sensitive information by reading files in the (1) config, (2) temp, or (3) logs directory. | 7.5 |
| 2017-05-23 | CVE-2015-4704 | Path Traversal vulnerability in Download ZIP Attachments Project Download ZIP Attachments 1.0 Directory traversal vulnerability in the Download Zip Attachments plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a .. | 7.5 |
| 2017-05-23 | CVE-2015-4054 | NULL Pointer Dereference vulnerability in Pgbouncer PgBouncer before 1.5.5 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) by sending a password packet before a startup packet. | 7.5 |
| 2017-05-23 | CVE-2015-4046 | Command Injection vulnerability in Alienvault Open Source Security Information Management The asset discovery scanner in AlienVault OSSIM before 5.0.1 allows remote authenticated users to execute arbitrary commands via the assets array parameter to netscan/do_scan.php. | 7.2 |
| 2017-05-23 | CVE-2015-1529 | Integer Overflow or Wraparound vulnerability in Google Android Integer overflow in soundtrigger/ISoundTriggerHwService.cpp in Android allows attacks to cause a denial of service via unspecified vectors. | 7.5 |
| 2017-05-22 | CVE-2017-1289 | XXE vulnerability in IBM SDK IBM SDK, Java Technology Edition is vulnerable XML External Entity Injection (XXE) error when processing XML data. | 8.2 |
| 2017-05-22 | CVE-2016-6112 | Permissions, Privileges, and Access Controls vulnerability in IBM products IBM Distributed Marketing and Marketing Platform 8.6, 9.0, 9.1, and 10.0 could allow an authenticated user to escalate their privileges and gain administrative permissions over the web application. | 8.8 |