Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-04-25 CVE-2017-7477 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a MAX_SKB_FRAGS+1 size in conjunction with the NETIF_F_FRAGLIST feature, leading to an error in the skb_to_sgvec function.
local
high complexity
linux CWE-119
7.0
2017-04-25 CVE-2017-7221 SQL Injection vulnerability in Opentext Documentum Content Server
OpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote authenticated users to execute arbitrary code with super-user privileges by leveraging the availability of the dm_bp_transition docbase method with a user-created dm_procedure object, as demonstrated by use of a backspace character in an injected string.
network
low complexity
opentext CWE-89
8.8
2017-04-25 CVE-2017-5051 Integer Overflow or Wraparound vulnerability in Google Chrome
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.
network
low complexity
google CWE-190
8.8
2017-04-25 CVE-2017-5050 Integer Overflow or Wraparound vulnerability in Google Chrome
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.
network
low complexity
google CWE-190
8.8
2017-04-25 CVE-2017-5049 Integer Overflow or Wraparound vulnerability in Google Chrome
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.
network
low complexity
google CWE-190
8.8
2017-04-25 CVE-2017-5048 Integer Overflow or Wraparound vulnerability in Google Chrome
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.
network
low complexity
google CWE-190
8.8
2017-04-25 CVE-2017-5047 Integer Overflow or Wraparound vulnerability in Google Chrome
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.
network
low complexity
google CWE-190
8.8
2017-04-24 CVE-2017-5043 Use After Free vulnerability in multiple products
Chrome Apps in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac had a use after free bug in GuestView, which allowed a remote attacker to perform an out of bounds memory read via a crafted Chrome extension.
network
low complexity
google redhat debian CWE-416
8.8
2017-04-24 CVE-2017-5039 Use After Free vulnerability in multiple products
A use after free in PDFium in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
local
low complexity
google debian redhat CWE-416
7.8
2017-04-24 CVE-2017-5037 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow in FFmpeg in Google Chrome prior to 57.0.2987.98 for Mac, Windows, and Linux and 57.0.2987.108 for Android allowed a remote attacker to perform an out of bounds memory write via a crafted video file, related to ChunkDemuxer.
local
low complexity
google debian redhat CWE-190
7.8