Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-04-13 CVE-2016-10117 Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail
Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc.
local
low complexity
firejail-project CWE-264
7.8
2017-04-13 CVE-2015-8284 Improper Access Control vulnerability in Seawell Networks Spectrum SDC 02.05.00
SeaWell Networks Spectrum SDC 02.05.00 allows remote viewer users to perform administrative functions.
network
low complexity
seawell-networks CWE-284
8.8
2017-04-13 CVE-2015-8270 NULL Pointer Dereference vulnerability in Rtmpdump Project Rtmpdump 2.4
The AMF3ReadString function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to cause a denial of service (invalid pointer dereference and process crash).
network
low complexity
rtmpdump-project CWE-476
7.5
2017-04-13 CVE-2015-8107 Use of Externally-Controlled Format String vulnerability in GNU A2Ps 4.14
Format string vulnerability in GNU a2ps 4.14 allows remote attackers to execute arbitrary code.
local
low complexity
gnu CWE-134
7.8
2017-04-13 CVE-2012-6697 Resource Management Errors vulnerability in multiple products
InspIRCd before 2.0.7 allows remote attackers to cause a denial of service (infinite loop).
network
low complexity
inspire-ircd debian CWE-399
7.5
2017-04-12 CVE-2017-7748 Infinite Loop vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the WSP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark CWE-835
7.5
2017-04-12 CVE-2017-7747 Improper Input Validation vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the PacketBB dissector could crash, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark debian CWE-20
7.5
2017-04-12 CVE-2017-7746 Infinite Loop vulnerability in multiple products
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SLSK dissector could go into an infinite loop, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark debian CWE-835
7.5
2017-04-12 CVE-2017-7745 Infinite Loop vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the SIGCOMP dissector could go into an infinite loop, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark CWE-835
7.5
2017-04-12 CVE-2017-7705 Infinite Loop vulnerability in Wireshark
In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the RPC over RDMA dissector could go into an infinite loop, triggered by packet injection or a malformed capture file.
network
low complexity
wireshark CWE-835
7.5