Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-10 | CVE-2016-4319 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira Atlassian JIRA Server before 7.1.9 has CSRF in auditing/settings. | 8.8 |
| 2017-04-10 | CVE-2016-1516 | Double Free vulnerability in multiple products OpenCV 3.0.0 has a double free issue that allows attackers to execute arbitrary code. | 8.8 |
| 2017-04-10 | CVE-2015-8258 | Injection vulnerability in Axis Communications Firmware 5.80.3 AXIS Communications products with firmware through 5.80.x allow remote attackers to modify arbitrary files as root via vectors involving Open Script Editor, aka a "resource injection vulnerability." | 7.5 |
| 2017-04-10 | CVE-2015-8255 | Cross-Site Request Forgery (CSRF) vulnerability in Axis Communications Firmware AXIS Communications products allow CSRF, as demonstrated by admin/pwdgrp.cgi, vaconfig.cgi, and admin/local_del.cgi. | 8.8 |
| 2017-04-10 | CVE-2015-7274 | Permissions, Privileges, and Access Controls vulnerability in Dell Integrated Remote Access Controller Firmware 1.99 Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 allows remote attackers to execute arbitrary administrative HTTP commands. | 8.8 |
| 2017-04-10 | CVE-2015-7270 | Path Traversal vulnerability in Dell Integrated Remote Access Controller Firmware 1.99/2.20.20.20 Dell Integrated Remote Access Controller (iDRAC) 6 before 2.80 and 7/8 before 2.21.21.21 allows directory traversal. | 7.8 |
| 2017-04-10 | CVE-2015-7265 | Improper Access Control vulnerability in Proxygen Project Proxygen Facebook Proxygen before 2015-11-09 mismanages HTTPMessage.request state, which allows remote attackers to conduct hijacking attacks and bypass ACL checks. | 7.5 |
| 2017-04-10 | CVE-2015-7263 | Improper Access Control vulnerability in Proxygen Project Proxygen The SPDY/2 codec in Facebook Proxygen before 2015-11-09 allows remote attackers to conduct hijacking attacks and bypass ACL checks via a crafted host value. | 7.5 |
| 2017-04-10 | CVE-2015-7260 | Permissions, Privileges, and Access Controls vulnerability in Vertiv Liebert Multilink Automated Shutdown 4.2.4 Liebert MultiLink Automated Shutdown v4.2.4 allows local users to gain privileges by replacing the LiebertM executable file. | 7.8 |
| 2017-04-10 | CVE-2015-6028 | SQL Injection vulnerability in Castlerock Snmpc 12.1/9.0 Castle Rock Computing SNMPc before 2015-12-17 has SQL injection via the sc parameter. | 8.8 |