Vulnerabilities > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2017-06-13 | CVE-2014-9960 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android | In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API. | local | low | google | CWE-119 | 7.8 |
| 2017-06-13 | CVE-2016-9984 | Permissions, Privileges, and Access Controls vulnerability in IBM Maximo Asset Management 7.5/7.6 | IBM Maximo Asset Management 7.5 and 7.6 could allow a remote authenticated attacker to execute arbitrary commands on the system as administrator. | network | low | ibm | CWE-264 | 8.8 |
| 2017-06-13 | CVE-2017-9603 | SQL Injection vulnerability in Intensewp WP Jobs | SQL injection vulnerability in the WP Jobs plugin before 1.5 for WordPress allows authenticated users to execute arbitrary SQL commands via the jobid parameter to wp-admin/edit.php. | network | low | intensewp | CWE-89 | 8.8 |
| 2017-06-13 | CVE-2017-9429 | SQL Injection vulnerability in Event List Project Event List 0.7.8 | SQL injection vulnerability in the Event List plugin 0.7.8 for WordPress allows an authenticated user to execute arbitrary SQL commands via the id parameter to wp-admin/admin.php. | network | low | event-list-project | CWE-89 | 8.8 |
| 2017-06-13 | CVE-2016-5391 | NULL Pointer Dereference vulnerability in multiple products | libreswan before 3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and pluto daemon restart). | network | low | libreswan, fedoraproject | CWE-476 | 7.5 |
| 2017-06-13 | CVE-2016-3704 | Credentials Management vulnerability in multiple products | Pulp before 2.8.5 uses bash's $RANDOM in an unsafe way to generate passwords. | network | low | fedoraproject, pulpproject | CWE-255 | 7.5 |
| 2017-06-13 | CVE-2015-4596 | Permissions, Privileges, and Access Controls vulnerability in Lenovo Mouse Suite 6.72 | Lenovo Mouse Suite before 6.73 allows local users to run arbitrary code with administrator privileges. | local | low | lenovo | CWE-264 | 7.8 |
| 2017-06-13 | CVE-2015-3220 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tlslite Project Tlslite | The tlslite library before 0.4.9 for Python allows remote attackers to trigger a denial of service (runtime exception and process crash). | network | low | tlslite-project | CWE-119 | 7.5 |
| 2017-06-13 | CVE-2017-9604 | Missing Encryption of Sensitive Data vulnerability in KDE Kmail and Messagelib | KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network. | network | low | kde | CWE-311 | 7.5 |
| 2017-06-13 | CVE-2017-9552 | Improper Authentication vulnerability in Synology Photo Station | A design flaw in authentication in Synology Photo Station 6.0-2528 through 6.7.1-3419 allows local users to obtain credentials via cmdline. | local | low | synology | CWE-287 | 7.8 |