Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-11 | CVE-2016-10370 | Improper Access Control vulnerability in Oneplus Oxygenos An issue was discovered on OnePlus devices such as the 3T. | 7.5 |
| 2017-05-11 | CVE-2017-8899 | Information Exposure vulnerability in Invisioncommunity Invision Power Board Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has a composite of Stored XSS and Information Disclosure issues in the attachments feature found in User CP. | 8.1 |
| 2017-05-11 | CVE-2016-7476 | Improper Input Validation vulnerability in F5 products The Traffic Management Microkernel (TMM) in F5 BIG-IP LTM, AAM, AFM, APM, ASM, GTM, Link Controller, PEM, PSM, and WebSafe 11.6.0 before 11.6.0 HF6, 11.5.0 before 11.5.3 HF2, and 11.3.0 before 11.4.1 HF10 may suffer from a memory leak while handling certain types of TCP traffic. | 7.5 |
| 2017-05-11 | CVE-2016-9100 | Credentials Management vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.13, ASG 6.7 prior to 6.7.3.1, ProxySG 6.5 prior to 6.5.10.6, ProxySG 6.6 prior to 6.6.5.13, and ProxySG 6.7 prior to 6.7.3.1 are susceptible to an information disclosure vulnerability. | 7.8 |
| 2017-05-11 | CVE-2016-9097 | Permissions, Privileges, and Access Controls vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg The Symantec Advanced Secure Gateway (ASG) 6.6 prior to 6.6.5.8, ProxySG 6.5 prior 6.5.10.6, ProxySG 6.6 prior to 6.6.5.8, and ProxySG 6.7 prior to 6.7.1.2 management consoles do not, under certain circumstances, correctly authorize administrator users. | 7.2 |
| 2017-05-11 | CVE-2016-9092 | Cross-Site Request Forgery (CSRF) vulnerability in Symantec Content Analysis and Mail Threat Defense The Symantec Content Analysis (CA) 1.3, 2.x prior to 2.2.1.1, and Mail Threat Defense (MTD) 1.1 management consoles are susceptible to a cross-site request forging (CSRF) vulnerability. | 8.8 |
| 2017-05-11 | CVE-2015-5436 | Unspecified vulnerability in HP Integrated Lights-Out Firmware A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30. | 7.5 |
| 2017-05-10 | CVE-2017-8852 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP Sapcar 721.510 SAP SAPCAR 721.510 has a Heap Based Buffer Overflow Vulnerability. | 7.8 |
| 2017-05-10 | CVE-2017-8890 | Double Free vulnerability in multiple products The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call. | 7.8 |
| 2017-05-10 | CVE-2017-7698 | Use After Free vulnerability in Swftools A Use After Free in the pdf2swf part of swftools 0.9.2 and earlier allows remote attackers to execute arbitrary code via a malformed PDF document, possibly a consequence of an error in Gfx.cc in Xpdf 3.02. | 7.8 |