Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-03-01 | CVE-2017-6345 | Improper Input Validation vulnerability in Linux Kernel: The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls. | 7.8 |
2017-03-01 | CVE-2017-5995 | Information Exposure vulnerability in Netapp Ontap Select Deploy Administration Utility: The NetApp ONTAP Select Deploy administration utility 2.0 through 2.2.1 might allow remote attackers to obtain sensitive information via unspecified vectors. | 7.5 |
2017-03-01 | CVE-2016-6485 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Magento Magento2: The __construct function in Framework/Encryption/Crypt.php in Magento 2 uses the PHP rand function to generate a random number for the initialization vector, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by guessing the value. | 7.5 |
2017-03-01 | CVE-2016-5374 | Permissions, Privileges, and Access Controls vulnerability in Netapp Data Ontap 9.0/9.1: NetApp Data ONTAP 9.0 and 9.1 before 9.1P1 allows remote authenticated users that own SMB-hosted data to bypass intended sharing restrictions by leveraging improper handling of the owner_rights ACL entry. | 8.8 |
2017-03-01 | CVE-2016-10151 | Permissions, Privileges, and Access Controls vulnerability in Hesiod Project Hesiod 3.2.1: The hesiod_init function in lib/hesiod.c in Hesiod 3.2.1 compares EUID with UID to determine whether to use configurations from environment variables, which allows local users to gain privileges via the (1) HESIOD_CONFIG or (2) HES_DOMAIN environment variable and leveraging certain SUID/SGUID binary. | 7.0 |
2017-03-01 | CVE-2017-2685 | Information Exposure vulnerability in Siemens products: Siemens SINUMERIK Integrate Operate Clients between 2.0.3.00.016 (including) and 2.0.6 (excluding) and between 3.0.4.00.032 (including) and 3.0.6 (excluding) contain a vulnerability that could allow an attacker to read and manipulate data in TLS sessions while performing a man-in-the-middle (MITM) attack. | 7.4 |
2017-03-01 | CVE-2017-5886 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Podofo Project Podofo 0.9.4: Heap-based buffer overflow in the PoDoFo::PdfTokenizer::GetNextToken function in PdfTokenizer.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. | 7.8 |
2017-03-01 | CVE-2017-5853 | Integer Overflow or Wraparound vulnerability in Podofo Project Podofo 0.9.4: Integer overflow in base/PdfParser.cpp in PoDoFo 0.9.4 allows remote attackers to have unspecified impact via a crafted file. | 7.8 |
2017-03-01 | CVE-2016-10094 | Numeric Errors vulnerability in Libtiff 4.0.7: Off-by-one error in the t2p_readwrite_pdf_image_tile function in tools/tiff2pdf.c in LibTIFF 4.0.7 allows remote attackers to have unspecified impact via a crafted image. | 7.8 |
2017-03-01 | CVE-2016-10093 | Integer Overflow or Wraparound vulnerability in Libtiff 4.0.7: Integer overflow in tools/tiffcp.c in LibTIFF 4.0.7, 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5 and 4.0.6 allows remote attackers to have unspecified impact via a crafted image, which triggers a heap-based buffer overflow. | 7.8 |