Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-27 | CVE-2016-4912 | NULL Pointer Dereference vulnerability in Openslp 2.0.0 The _xrealloc function in xlsp_xmalloc.c in OpenSLP 2.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a large number of crafted packets, which triggers a memory allocation failure. | 7.5 |
| 2017-03-27 | CVE-2016-10225 | Permissions, Privileges, and Access Controls vulnerability in Allwinner Linux-3.4-Sunxi The sunxi-debug driver in Allwinner 3.4 legacy kernel for H3, A83T and H8 devices allows local users to gain root privileges by sending "rootmydevice" to /proc/sunxi_debug/sunxi_debug. | 7.8 |
| 2017-03-27 | CVE-2015-8764 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Freeradius Off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through 3.0.8, which triggers a buffer overflow. | 8.1 |
| 2017-03-27 | CVE-2015-8763 | Out-of-bounds Read vulnerability in Freeradius The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to have unspecified impact via a crafted (1) commit or (2) confirm message, which triggers an out-of-bounds read. | 8.1 |
| 2017-03-27 | CVE-2015-0864 | Permissions, Privileges, and Access Controls vulnerability in Samsung Galaxy APP and Samsung Account APP Samsung Account (AKA com.osp.app.signin) before 1.6.0069 and 2.x before 2.1.0069 allows man-in-the-middle attackers to obtain sensitive information and execute arbitrary code. | 8.0 |
| 2017-03-27 | CVE-2015-0863 | Permissions, Privileges, and Access Controls vulnerability in Samsung Galaxy APP and Samsung Account APP GALAXY Apps (aka Samsung Apps, Samsung Updates, or com.sec.android.app.samsungapps) before 14120405.03.012 allows man-in-the-middle attackers to obtain sensitive information and execute arbitrary code. | 8.0 |
| 2017-03-27 | CVE-2017-5932 | Improper Input Validation vulnerability in GNU Bash 4.4 The path autocompletion feature in Bash 4.4 allows local users to gain privileges via a crafted filename starting with a " (double quote) character and a command substitution metacharacter. | 7.8 |
| 2017-03-27 | CVE-2017-5931 | Integer Overflow or Wraparound vulnerability in Qemu Integer overflow in hw/virtio/virtio-crypto.c in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (QEMU process crash) or possibly execute arbitrary code on the host via a crafted virtio-crypto request, which triggers a heap-based buffer overflow. | 8.8 |
| 2017-03-27 | CVE-2017-5899 | Race Condition vulnerability in S-Nail Project S-Nail Directory traversal vulnerability in the setuid root helper binary in S-nail (later S-mailx) before 14.8.16 allows local users to write to arbitrary files and consequently gain root privileges via a .. | 7.0 |
| 2017-03-27 | CVE-2017-5850 | Allocation of Resources Without Limits or Throttling vulnerability in Openbsd 6.0 httpd in OpenBSD allows remote attackers to cause a denial of service (memory consumption) via a series of requests for a large file using an HTTP Range header. | 7.5 |