Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-02-01 | CVE-2016-3029 | Cross-Site Request Forgery (CSRF) vulnerability in IBM products IBM Security Access Manager for Web is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2017-02-01 | CVE-2016-3017 | Improperly Implemented Security Check for Standard vulnerability in IBM products IBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information due to security misconfigurations. | 7.5 |
| 2017-02-01 | CVE-2016-0396 | Command Injection vulnerability in IBM Bigfix Platform IBM Tivoli Endpoint Manager could allow a user under special circumstances to inject commands that would be executed with unnecessary higher privileges than expected. | 8.1 |
| 2017-02-01 | CVE-2017-3790 | Improper Input Validation vulnerability in Cisco products A vulnerability in the received packet parser of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) software could allow an unauthenticated, remote attacker to cause a reload of the affected system, resulting in a denial of service (DoS) condition. | 8.6 |
| 2017-02-01 | CVE-2016-9225 | Resource Management Errors vulnerability in Cisco ASA CX Context-Aware Security Software A vulnerability in the data plane IP fragment handler of the Cisco Adaptive Security Appliance (ASA) CX Context-Aware Security module could allow an unauthenticated, remote attacker to cause the CX module to be unable to process further traffic, resulting in a denial of service (DoS) condition. | 8.6 |
| 2017-02-01 | CVE-2016-10079 | Improper Input Validation vulnerability in SAP Saplpd 7400.3.11.33 SAPlpd through 7400.3.11.33 in SAP GUI 7.40 on Windows has a Denial of Service vulnerability (service crash) with a long string to TCP port 515. | 7.5 |
| 2017-02-01 | CVE-2016-4038 | Improper Input Validation vulnerability in Samsung Mobile 4.4/5.0/5.1 Array index error in the msm_sensor_config function in kernel/SM-G9008V_CHN_KK_Opensource/Kernel/drivers/media/platform/msm/camera_v2/sensor/msm_sensor.c in Samsung devices with Android KK(4.4) or L and an APQ8084, MSM8974, or MSM8974pro chipset allows local users to have unspecified impact via the gpio_config.gpio_name value. | 7.8 |
| 2017-02-01 | CVE-2016-10173 | Path Traversal vulnerability in Minitar Archive-Tar-Minitar and Minitar Directory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. | 7.5 |
| 2017-02-01 | CVE-2017-3823 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container before 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plugin before 10031.6.2017.0126 on Internet Explorer, and the Download Manager ActiveX control plugin before 2.1.0.10 on Internet Explorer. | 8.8 |
| 2017-01-31 | CVE-2016-9418 | Information Exposure vulnerability in Mybb Merge System and Mybb MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows might allow remote attackers to obtain sensitive information from ACP backups via vectors involving a short name. | 7.5 |