Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-03 | CVE-2017-6194 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Radare Radare2 1.2.1 The relocs function in libr/bin/p/bin_bflt.c in radare2 1.2.1 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted binary file. | 7.8 |
| 2017-04-03 | CVE-2017-6181 | Improper Input Validation vulnerability in Ruby-Lang Ruby 2.4.0 The parse_char_class function in regparse.c in the Onigmo (aka Oniguruma-mod) regular expression library, as used in Ruby 2.4.0, allows remote attackers to cause a denial of service (deep recursion and application crash) via a crafted regular expression. | 7.5 |
| 2017-04-03 | CVE-2017-5924 | Use After Free vulnerability in Virustotal Yara 3.5.0 libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_compiler_destroy function. | 7.5 |
| 2017-04-03 | CVE-2017-5923 | Out-of-bounds Read vulnerability in Virustotal Yara 3.5.0 libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted rule that is mishandled in the yara_yyparse function. | 7.5 |
| 2017-04-03 | CVE-2016-10314 | Information Exposure vulnerability in Jensenofscandinavia Al3G Firmware, Al5000Ac Firmware and Al59300 Firmware Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. | 8.8 |
| 2017-04-03 | CVE-2016-10313 | Cross-Site Request Forgery (CSRF) vulnerability in Jensenofscandinavia Al3G Firmware, Al5000Ac Firmware and Al59300 Firmware Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. | 8.8 |
| 2017-04-03 | CVE-2016-10226 | Out-of-bounds Read vulnerability in Apple Safari 18 JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (bitfield out-of-bounds read and application crash) via crafted JavaScript code that is mishandled in the operatorString function, related to assembler/MacroAssemblerARM64.h, assembler/MacroAssemblerX86Common.h, and wasm/WasmB3IRGenerator.cpp. | 7.5 |
| 2017-04-03 | CVE-2016-10222 | Improper Input Validation vulnerability in Apple Safari 18 runtime/JSONObject.cpp in JavaScriptCore in WebKit, as distributed in Safari Technology Preview Release 18, allows remote attackers to cause a denial of service (segmentation violation and application crash) via crafted JavaScript code that triggers a "type confusion" in the JSON.stringify function. | 7.5 |
| 2017-04-03 | CVE-2016-10211 | Use After Free vulnerability in Virustotal Yara 3.5.0 libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule that is mishandled in the yr_parser_lookup_loop_variable function. | 7.5 |
| 2017-04-03 | CVE-2016-10210 | NULL Pointer Dereference vulnerability in Virustotal Yara 3.5.0 libyara/lexer.l in YARA 3.5.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted rule that is mishandled in the yy_get_next_buffer function. | 7.5 |