Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-01-26 | CVE-2016-8710 | Out-of-bounds Write vulnerability in Libbpg Project Libbpg 0.9.4/0.9.7 An exploitable heap write out of bounds vulnerability exists in the decoding of BPG images in Libbpg library. | 7.8 |
| 2017-01-26 | CVE-2016-8227 | Improper Access Control vulnerability in Lenovo Transition Privilege escalation vulnerability in Lenovo Transition application used in Lenovo Yoga, Flex and Miix systems running Windows allows local users to execute code with elevated privileges. | 7.8 |
| 2017-01-26 | CVE-2016-8225 | Unquoted Search Path or Element vulnerability in Lenovo Edge Keyboard Driver and Slim USB Keyboard Driver Unquoted service path vulnerability in Lenovo Edge and Lenovo Slim USB Keyboard Driver versions earlier than 1.21 allows local users to execute code with elevated privileges. | 7.8 |
| 2017-01-26 | CVE-2016-10013 | Permissions, Privileges, and Access Controls vulnerability in XEN Xen through 4.8.x allows local 64-bit x86 HVM guest OS users to gain privileges by leveraging mishandling of SYSCALL singlestep during emulation. | 7.8 |
| 2017-01-26 | CVE-2017-3796 | OS Command Injection vulnerability in Cisco Webex Meetings Server 2.6.0 A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute predetermined shell commands on other hosts. | 7.2 |
| 2017-01-26 | CVE-2017-3794 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Webex Meetings Server 2.6.0 A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against an administrative user. | 8.8 |
| 2017-01-26 | CVE-2016-9218 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Hybrid Meeting Server 1.0Base A vulnerability in Cisco Hybrid Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against the user of the web interface. | 8.8 |
| 2017-01-25 | CVE-2017-5597 | Integer Overflow or Wraparound vulnerability in Wireshark In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the DHCPv6 dissector could go into a large loop, triggered by packet injection or a malformed capture file. | 7.5 |
| 2017-01-25 | CVE-2017-5596 | Infinite Loop vulnerability in Wireshark In Wireshark 2.2.0 to 2.2.3 and 2.0.0 to 2.0.9, the ASTERIX dissector could go into an infinite loop, triggered by packet injection or a malformed capture file. | 7.5 |
| 2017-01-25 | CVE-2016-9304 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Autodesk FBX Software Development KIT Multiple buffer overflows in the Autodesk FBX-SDK before 2017.1 can allow attackers to execute arbitrary code when reading or converting malformed DFX format files. | 8.8 |