Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-06 | CVE-2017-3832 | Improper Handling of Exceptional Conditions vulnerability in Cisco Wireless LAN Controller Firmware 8.3.102.0 A vulnerability in the web management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
| 2017-04-06 | CVE-2016-9219 | Improper Input Validation vulnerability in Cisco products A vulnerability with IPv6 UDP ingress packet processing in Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to cause an unexpected reload of the device. | 7.5 |
| 2017-04-06 | CVE-2016-10320 | OS Command Injection vulnerability in Textract Project Textract textract before 1.5.0 allows OS Command Injection attacks via a filename in a call to the process function. | 7.8 |
| 2017-04-06 | CVE-2017-7571 | Cross-Site Request Forgery (CSRF) vulnerability in Ladybirdweb Faveo Helpdesk 1.9.3 public/rolechangeadmin in Faveo 1.9.3 allows CSRF. | 8.0 |
| 2017-04-06 | CVE-2017-7569 | Server-Side Request Forgery (SSRF) vulnerability in Vbulletin In vBulletin before 5.3.0, remote attackers can bypass the CVE-2016-6483 patch and conduct SSRF attacks by leveraging the behavior of the PHP parse_url function, aka VBV-17037. | 8.6 |
| 2017-04-06 | CVE-2017-6884 | OS Command Injection vulnerability in Zyxel Emg2926 Firmware V1.00(Aaqt.4)B8 A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware V1.00(AAQT.4)b8. | 8.8 |
| 2017-04-06 | CVE-2017-7566 | Server-Side Request Forgery (SSRF) vulnerability in Mybb MyBB before 1.8.11 allows remote attackers to bypass an SSRF protection mechanism. | 7.7 |
| 2017-04-06 | CVE-2017-7565 | Path Traversal vulnerability in Splunk Hadoop Connect Splunk Hadoop Connect App has a path traversal vulnerability that allows remote authenticated users to execute arbitrary code, aka ERP-2041. | 8.8 |
| 2017-04-06 | CVE-2017-2675 | Little Snitch version 3.0 through 3.7.3 suffer from a local privilege escalation vulnerability in the installer part. | 7.8 |
| 2017-04-06 | CVE-2017-7192 | Improper Certificate Validation vulnerability in Starscream Project Starscream WebSocket.swift in Starscream before 2.0.4 allows an SSL Pinning bypass because of incorrect management of the certValidated variable (it can be set to true but cannot be set to false). | 7.5 |