Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-04-13 CVE-2017-7219 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Citrix Netscaler Gateway Firmware
A heap overflow vulnerability in Citrix NetScaler Gateway versions 10.1 before 135.8/135.12, 10.5 before 65.11, 11.0 before 70.12, and 11.1 before 52.13 allows a remote authenticated attacker to run arbitrary commands via unspecified vectors.
network
low complexity
citrix CWE-119
8.8
2017-04-13 CVE-2016-4970 Infinite Loop vulnerability in multiple products
handler/ssl/OpenSslEngine.java in Netty 4.0.x before 4.0.37.Final and 4.1.x before 4.1.1.Final allows remote attackers to cause a denial of service (infinite loop).
network
low complexity
netty redhat apache CWE-835
7.5
2017-04-13 CVE-2016-1914 SQL Injection vulnerability in Blackberry Enterprise Service
Multiple SQL injection vulnerabilities in the com.rim.mdm.ui.server.ImageServlet servlet in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to execute arbitrary SQL commands via the imageName parameter to (1) mydevice/client/image, (2) admin/client/image, (3) myapps/client/image, (4) ssam/client/image, or (5) all/client/image.
network
low complexity
blackberry CWE-89
8.8
2017-04-13 CVE-2016-1132 Improper Certificate Validation vulnerability in Docomo Shoplat
Shoplat App for iOS 1.10.00 through 1.18.00 does not properly verify SSL certificates.
network
low complexity
docomo CWE-295
7.5
2017-04-13 CVE-2016-10123 Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail
Firejail allows --chroot when seccomp is not supported, which might allow local users to gain privileges.
local
low complexity
firejail-project CWE-264
7.8
2017-04-13 CVE-2016-10122 Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail
Firejail does not properly clean environment variables, which allows local users to gain privileges.
local
low complexity
firejail-project CWE-264
7.8
2017-04-13 CVE-2016-10121 Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail
Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges.
local
low complexity
firejail-project CWE-264
7.8
2017-04-13 CVE-2016-10120 Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail
Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privileges.
local
low complexity
firejail-project CWE-264
7.8
2017-04-13 CVE-2016-10119 Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail
Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges.
local
low complexity
firejail-project CWE-264
7.8
2017-04-13 CVE-2016-10117 Permissions, Privileges, and Access Controls vulnerability in Firejail Project Firejail
Firejail does not restrict access to --tmpfs, which allows local users to gain privileges, as demonstrated by mounting over /etc.
local
low complexity
firejail-project CWE-264
7.8