Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-04-14 | CVE-2017-7408 | Improper Input Validation vulnerability in Paloaltonetworks Traps 3.4.3 Palo Alto Networks Traps ESM Console before 3.4.4 allows attackers to cause a denial of service by leveraging improper validation of requests to revoke a Traps agent license. | 7.5 |
2017-04-14 | CVE-2017-7218 | Improper Input Validation vulnerability in Paloaltonetworks Pan-Os The Management Web Interface in Palo Alto Networks PAN-OS before 7.1.9 allows remote authenticated users to gain privileges via unspecified request parameters. | 7.8 |
2017-04-14 | CVE-2015-8356 | SQL Injection vulnerability in Bitrix Project Bitrix 6.5.2 Multiple SQL injection vulnerabilities in the mcart.xls module 6.5.2 and earlier for Bitrix allow remote authenticated users to execute arbitrary SQL commands via the (1) xls_profile parameter to admin/mcart_xls_import.php or the (2) xls_iblock_id, (3) xls_iblock_section_id, (4) firstRow, (5) titleRow, (6) firstColumn, (7) highestColumn, (8) sku_iblock_id, or (9) xls_iblock_section_id_new parameter to admin/mcart_xls_import_step_2.php. | 8.0 |
2017-04-14 | CVE-2017-7869 | Out-of-bounds Write vulnerability in GNU Gnutls GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. | 7.5 |
2017-04-14 | CVE-2017-7868 | Out-of-bounds Write vulnerability in multiple products International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_moveIndex32* function. | 7.5 |
2017-04-14 | CVE-2017-7867 | Out-of-bounds Write vulnerability in multiple products International Components for Unicode (ICU) for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utext_setNativeIndex* function. | 7.5 |
2017-04-13 | CVE-2016-8727 | Information Exposure vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable information disclosure vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point. | 7.5 |
2017-04-13 | CVE-2016-8726 | NULL Pointer Dereference vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable null pointer dereference vulnerability exists in the Web Application /forms/web_runScript iw_filename functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. | 7.5 |
2017-04-13 | CVE-2016-8723 | NULL Pointer Dereference vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable null pointer dereference exists in the Web Application functionality of Moxa AWK-3131A Wireless Access Point running firmware 1.1. | 7.5 |
2017-04-13 | CVE-2016-8712 | Insufficient Session Expiration vulnerability in Moxa Awk-3131A Firmware 1.1 An exploitable nonce reuse vulnerability exists in the Web Application functionality of Moxa AWK-3131A Wireless AP running firmware 1.1. | 8.1 |