Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-07-12 | CVE-2016-6174 | applications/core/modules/front/system/content.php in Invision Power Services IPS Community Suite (aka Invision Power Board, IPB, or Power Board) before 4.1.13, when used with PHP before 5.4.24 or 5.5.x before 5.5.8, allows remote attackers to execute arbitrary code via the content_class parameter. | 8.1 |
| 2016-07-12 | CVE-2016-5774 | Cryptographic Issues vulnerability in Blue Coat Packetshaper S-Series The HTTPS server in Blue Coat PacketShaper S-Series 11.5.x before 11.5.3.2 might allow remote attackers to obtain sensitive credentials and other information via unspecified vectors, related to use of insecure cryptographic parameters. | 8.1 |
| 2016-07-12 | CVE-2016-4994 | Use After Free vulnerability in Gimp Use-after-free vulnerability in the xcf_load_image function in app/xcf/xcf-load.c in GIMP allows remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted XCF file. | 7.8 |
| 2016-07-12 | CVE-2016-4985 | Information Exposure vulnerability in multiple products The ironic-api service in OpenStack Ironic before 4.2.5 (Liberty) and 5.x before 5.1.2 (Mitaka) allows remote attackers to obtain sensitive information about a registered node by leveraging knowledge of the MAC address of a network card belonging to that node and sending a crafted POST request to the v1/drivers/$DRIVER_NAME/vendor_passthru resource. | 7.5 |
| 2016-07-12 | CVE-2016-5781 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wecon Levistudio Stack-based buffer overflow in WECON LeviStudio allows remote attackers to execute arbitrary code via a crafted file. | 7.8 |
| 2016-07-12 | CVE-2016-4831 | Unspecified vulnerability in Linecorp Line and Line Installer Untrusted search path vulnerability in LINE and LINE Installer 4.7.0 and earlier on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2016-07-12 | CVE-2016-4533 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wecon Levistudiou Heap-based buffer overflow in WECON LeviStudio allows remote attackers to execute arbitrary code via a crafted file. | 7.8 |
| 2016-07-11 | CVE-2016-3811 | Permissions, Privileges, and Access Controls vulnerability in Google Android The kernel video driver in Android before 2016-07-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka internal bug 28447556. | 7.8 |
| 2016-07-11 | CVE-2016-3808 | Permissions, Privileges, and Access Controls vulnerability in Google Android The serial peripheral interface driver in Android before 2016-07-05 on Pixel C devices allows attackers to gain privileges via a crafted application, aka internal bug 28430009. | 7.8 |
| 2016-07-11 | CVE-2016-3807 | Permissions, Privileges, and Access Controls vulnerability in Google Android The serial peripheral interface driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 28402196. | 7.8 |