Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-20 | CVE-2017-6318 | Information Exposure vulnerability in multiple products saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet. | 7.5 |
| 2017-03-20 | CVE-2017-6178 | NULL Pointer Dereference vulnerability in Usbpcap Project Usbpcap 1.1.0.0 The IofCallDriver function in USBPcap 1.1.0.0 allows local users to gain privileges via a crafted 0x00090028 IOCTL call, which triggers a NULL pointer dereference. | 7.8 |
| 2017-03-20 | CVE-2017-6058 | Classic Buffer Overflow vulnerability in Qemu Buffer overflow in NetRxPkt::ehdr_buf in hw/net/net_rx_pkt.c in QEMU (aka Quick Emulator), when the VLANSTRIP feature is enabled on the vmxnet3 device, allows remote attackers to cause a denial of service (out-of-bounds access and QEMU process crash) via vectors related to VLAN stripping. | 7.5 |
| 2017-03-20 | CVE-2017-5618 | Incorrect Authorization vulnerability in GNU Screen GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions. | 7.8 |
| 2017-03-20 | CVE-2017-1151 | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 8.0, 8.5, 8.5.5, and 9.0 using OpenID Connect (OIDC) configured with a Trust Association Interceptor (TAI) could allow a user to gain elevated privileges on the system. | 8.1 |
| 2017-03-20 | CVE-2017-1145 | Improper Resource Shutdown or Release vulnerability in IBM Websphere MQ 8.0.0.6 IBM WebSphere MQ 8.0.0.6 does not properly terminate channel agents when they are no longer needed, which could allow a user to cause a denial of service through resource exhaustion. | 8.6 |
| 2017-03-20 | CVE-2017-1134 | Unspecified vulnerability in IBM Power Hardware Management Console 3.3.2/4.1 IBM Reliable Scalable Cluster Technology could allow a local user to escalate their privileges to gain root access. | 7.8 |
| 2017-03-20 | CVE-2016-9165 | Information Exposure vulnerability in CA products The get_sessions servlet in CA Unified Infrastructure Management (formerly CA Nimsoft Monitor) before 8.5 and CA Unified Infrastructure Management Snap (formerly CA Nimsoft Monitor Snap) allows remote attackers to obtain active session ids and consequently bypass authentication or gain privileges via unspecified vectors. | 7.5 |
| 2017-03-20 | CVE-2016-5857 | Permissions, Privileges, and Access Controls vulnerability in Google Android 7.0 The Qualcomm SPCom driver in Android before 7.0 allows local users to execute arbitrary code within the context of the kernel via a crafted application, aka Android internal bug 34386529 and Qualcomm internal bug CR#1094140. | 7.8 |
| 2017-03-20 | CVE-2015-8983 | Integer Overflow or Wraparound vulnerability in GNU Glibc Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to computing a size in bytes, which triggers a heap-based buffer overflow. | 8.1 |