Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-07 | CVE-2016-10200 | Use After Free vulnerability in multiple products Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c. | 7.0 |
| 2017-03-07 | CVE-2017-5681 | Unspecified vulnerability in Intel Quickassist Technology Engine 0.5.18 The RSA-CRT implementation in the Intel QuickAssist Technology (QAT) Engine for OpenSSL versions prior to 0.5.19 may allow remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack. | 7.5 |
| 2017-03-07 | CVE-2016-9740 | Resource Management Errors vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.2 could allow a remote attacker to consume all resources on the server due to not properly restricting the size or amount of resources requested by an actor. | 7.5 |
| 2017-03-07 | CVE-2016-9728 | SQL Injection vulnerability in IBM Qradar Security Information and Event Manager IBM Qradar 7.2 is vulnerable to SQL injection. | 7.5 |
| 2017-03-07 | CVE-2016-9727 | Improper Input Validation vulnerability in IBM products IBM QRadar 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. | 8.5 |
| 2017-03-07 | CVE-2016-9726 | Improper Input Validation vulnerability in IBM products IBM QRadar Incident Forensics 7.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. | 8.8 |
| 2017-03-07 | CVE-2016-9724 | XXE vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.2 is vulnerable to a denial of service, caused by an XML External Entity Injection (XXE) error when processing XML data. | 8.1 |
| 2017-03-07 | CVE-2016-8940 | Information Exposure vulnerability in IBM Tivoli Storage Manager IBM Tivoli Storage Manager (IBM Spectrum Protect) 6.1, 6.2, 6.3, and 7.1 does not perform sufficient authority checking on SQL queries. | 8.8 |
| 2017-03-07 | CVE-2016-9643 | Resource Exhaustion vulnerability in Webkit 2.4.11 The regex code in Webkit 2.4.11 allows remote attackers to cause a denial of service (memory consumption) as demonstrated in a large number of ($ (open parenthesis and dollar) followed by {-2,16} and a large number of +) (plus close parenthesis). | 7.5 |
| 2017-03-07 | CVE-2016-6255 | Improper Access Control vulnerability in multiple products Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to write to arbitrary files in the webroot via a POST request without a registered handler. | 7.5 |