Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-03-02 | CVE-2015-8994 | Permissions, Privileges, and Access Controls vulnerability in PHP An issue was discovered in PHP 5.x and 7.x, when the configuration uses apache2handler/mod_php or php-fpm with OpCache enabled. | 7.5 |
| 2017-03-02 | CVE-2017-6319 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Radare Radare2 1.2.1 The dex_parse_debug_item function in libr/bin/p/bin_dex.c in radare2 1.2.1 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a crafted DEX file. | 7.8 |
| 2017-03-01 | CVE-2017-3826 | Improper Input Validation vulnerability in Cisco Netflow Generation Appliance Software A vulnerability in the Stream Control Transmission Protocol (SCTP) decoder of the Cisco NetFlow Generation Appliance (NGA) with software before 1.1(1a) could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial of service (DoS) condition. | 7.5 |
| 2017-03-01 | CVE-2016-9994 | SQL Injection vulnerability in IBM Kenexa Lcms Premier IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL injection. | 7.1 |
| 2017-03-01 | CVE-2016-9993 | SQL Injection vulnerability in IBM Kenexa Lcms Premier IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL injection. | 7.1 |
| 2017-03-01 | CVE-2016-9992 | SQL Injection vulnerability in IBM Kenexa Lcms Premier IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL injection. | 7.1 |
| 2017-03-01 | CVE-2016-2880 | Key Management Errors vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.2 stores the encryption key used to encrypt the service account password which can be obtained by a local user. | 7.8 |
| 2017-03-01 | CVE-2016-2879 | Inadequate Encryption Strength vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar 7.2 uses outdated hashing algorithms to hash certain passwords, which could allow a local user to obtain and decrypt user credentials. | 7.8 |
| 2017-03-01 | CVE-2017-6347 | Out-of-bounds Read vulnerability in Linux Kernel The ip_cmsg_recv_checksum function in net/ipv4/ip_sockglue.c in the Linux kernel before 4.10.1 has incorrect expectations about skb data layout, which allows local users to cause a denial of service (buffer over-read) or possibly have unspecified other impact via crafted system calls, as demonstrated by use of the MSG_MORE flag in conjunction with loopback UDP transmission. | 7.8 |
| 2017-03-01 | CVE-2017-6346 | Use After Free vulnerability in Linux Kernel Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt system calls. | 7.0 |