Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-01-23 | CVE-2017-5182 | Information Exposure vulnerability in Novell Open Enterprise Server 11.0/2.0/2015: Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted URL, that allows complete directory traversal and total information disclosure. | 7.5 |
2017-01-23 | CVE-2017-5563 | Out-of-bounds Read vulnerability in Libtiff 4.0.7: LibTIFF version 4.0.7 is vulnerable to a heap-based buffer over-read in tif_lzw.c resulting in DoS or code execution via a crafted bmp image to tools/bmp2tiff. | 8.8 |
2017-01-23 | CVE-2017-5556 | Out-of-bounds Read vulnerability in Foxitsoftware Foxit Reader and Phantompdf: The ConvertToPDF plugin in Foxit Reader before 8.2 and PhantomPDF before 8.2 on Windows, when the gflags app is enabled, allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image. | 8.1 |
2017-01-23 | CVE-2017-5554 | Improper Authentication vulnerability in Oneplus Oxygenos 3.2.8/3.5.4: An issue was discovered in ABOOT in OnePlus 3 and 3T OxygenOS before 4.0.2. | 8.1 |
2017-01-23 | CVE-2016-10156 | Permissions, Privileges, and Access Controls vulnerability in Systemd Project Systemd 228: A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local attackers to escalate their privileges to root. | 7.8 |
2017-01-23 | CVE-2016-10103 | Inadequate Encryption Strength vulnerability in Hiteksoftware Automize: Information Disclosure can occur in encryptionProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. | 8.1 |
2017-01-23 | CVE-2016-10102 | Inadequate Encryption Strength vulnerability in Hiteksoftware Automize: hitek.jar in Hitek Software's Automize uses weak encryption when encrypting SSH/SFTP and Encryption profile passwords. | 8.1 |
2017-01-23 | CVE-2016-10101 | Inadequate Encryption Strength vulnerability in Hiteksoftware Automize: Information Disclosure can occur in Hitek Software's Automize 10.x and 11.x passManager.jsd. | 8.1 |
2017-01-20 | CVE-2016-6253 | Link Following vulnerability in Netbsd: mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on the user mailbox. | 7.8 |
2017-01-20 | CVE-2016-5323 | Divide By Zero vulnerability in multiple products: The _TIFFFax3fillruns function in libtiff before 4.0.6 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted Tiff image. | 7.5 |