Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-15 | CVE-2016-9566 | Link Following vulnerability in Nagios base/logging.c in Nagios Core before 4.2.4 allows local users with access to an account in the nagios group to gain root privileges via a symlink attack on the log file. | 7.8 |
| 2016-12-15 | CVE-2015-6574 | Resource Management Errors vulnerability in Sisco Ax-S4 Iccp Firmware and Mms-Ease Firmware The SNAP Lite component in certain SISCO MMS-EASE and AX-S4 ICCP products allows remote attackers to cause a denial of service (CPU consumption) via a crafted packet. | 7.5 |
| 2016-12-15 | CVE-2016-7892 | Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField class. | 8.8 |
| 2016-12-15 | CVE-2016-7890 | Unspecified vulnerability in Adobe Flash Player and Flash Player Desktop Runtime Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have security bypass vulnerability in the implementation of the same origin policy. | 8.8 |
| 2016-12-15 | CVE-2016-7889 | Information Exposure vulnerability in Adobe Digital Editions Adobe Digital Editions versions 4.5.2 and earlier has an issue with parsing crafted XML entries that could lead to information disclosure. | 7.5 |
| 2016-12-15 | CVE-2016-7887 | Information Exposure vulnerability in Adobe Coldfusion Builder Adobe ColdFusion Builder versions 2016 update 2 and earlier, 3.0.3 and earlier have an important vulnerability that could lead to information disclosure. | 7.5 |
| 2016-12-15 | CVE-2016-7885 | Cross-Site Request Forgery (CSRF) vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.2 and earlier have a vulnerability that could be used in Cross-Site Request Forgery attacks. | 8.8 |
| 2016-12-15 | CVE-2016-7881 | Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the MovieClip class when handling conversion to an object. | 8.8 |
| 2016-12-15 | CVE-2016-7880 | Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability when setting the length property of an array object. | 8.8 |
| 2016-12-15 | CVE-2016-7879 | Use After Free vulnerability in Adobe Flash Player and Flash Player Desktop Runtime Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the NetConnection class when handling an attached script object. | 8.8 |