Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-09 | CVE-2017-3068 | Out-of-bounds Write vulnerability in multiple products Adobe Flash Player versions 25.0.0.148 and earlier have an exploitable memory corruption vulnerability in the Advanced Video Coding engine. | 8.8 |
| 2017-05-09 | CVE-2017-3067 | Information Exposure vulnerability in Adobe Experience Manager Forms 6.0/6.1/6.2 Adobe Experience Manager Forms versions 6.2, 6.1, 6.0 have an information disclosure vulnerability resulting from abuse of the pre-population service in AEM Forms. | 7.5 |
| 2017-05-09 | CVE-2016-9256 | Race Condition vulnerability in F5 products In F5 BIG-IP 12.1.0 through 12.1.2, permissions enforced by iControl can lag behind the actual permissions assigned to a user if the role_map is not reloaded between the time the permissions are changed and the time of the user's next request. | 7.5 |
| 2017-05-09 | CVE-2016-9253 | Improper Input Validation vulnerability in F5 products In F5 BIG-IP 12.1.0 through 12.1.2, specific websocket traffic patterns may cause a disruption of service for virtual servers configured to use the websocket profile. | 7.5 |
| 2017-05-09 | CVE-2016-9251 | Permissions, Privileges, and Access Controls vulnerability in F5 products In F5 BIG-IP 12.0.0 through 12.1.2, an authenticated attacker may be able to cause an escalation of privileges through a crafted iControl REST connection. | 8.8 |
| 2017-05-09 | CVE-2016-6799 | Information Exposure Through Log Files vulnerability in Apache Cordova Product: Apache Cordova Android 5.2.2 and earlier. | 7.5 |
| 2017-05-09 | CVE-2017-0290 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 does not properly scan a specially crafted file leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." | 7.8 |
| 2017-05-08 | CVE-2016-8209 | Improper Check for Unusual or Exceptional Conditions vulnerability in Brocade products Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module. | 7.5 |
| 2017-05-08 | CVE-2016-8202 | Permissions, Privileges, and Access Controls vulnerability in Broadcom Fabric Operating System A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. | 8.8 |
| 2017-05-08 | CVE-2016-10369 | Improper Access Control vulnerability in Lxterminal Project Lxterminal 0.3.0 unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control). | 7.8 |