Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2016-04-22 CVE-2016-4060 Unspecified vulnerability in Foxit Software Foxit Reader and PhantomPDF
Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to cause a denial of service (application crash) via unspecified vectors.
network
low complexity
foxitsoftware
7.5
2016-04-22 CVE-2016-4059 Unspecified vulnerability in Foxit Software Foxit Reader and PhantomPDF
Use-after-free vulnerability in Foxit Reader and PhantomPDF before 7.3.4 on Windows allows remote attackers to execute arbitrary code via a crafted FlateDecode stream in a PDF document.
local
low complexity
foxitsoftware
7.8
2016-04-22 CVE-2016-1593 Path Traversal vulnerability in Novell Service Desk 7.1
Directory traversal vulnerability in the import users feature in Micro Focus Novell Service Desk before 7.2 allows remote authenticated administrators to upload and execute arbitrary JSP files via a ..
network
low complexity
novell CWE-22
7.2
2016-04-22 CVE-2016-2354 Improper Access Control vulnerability in Lemur Vehicle Monitors BlueDriver 6.3.2
The Bluetooth functionality in Lemur Vehicle Monitors BlueDriver before 2016-04-07 supports unrestricted pairing without a PIN, which allows remote attackers to send arbitrary CAN commands by leveraging access to a device inside or adjacent to the vehicle, as demonstrated by a CAN command to disrupt braking or steering.
low complexity
lemurmonitors CWE-284
8.8
2016-04-22 CVE-2016-2306 Cryptographic Issues vulnerability in Ecava IntegraXor
The HMI web server in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to obtain sensitive cleartext information by sniffing the network.
network
low complexity
ecava CWE-310
7.5
2016-04-22 CVE-2016-2299 SQL Injection vulnerability in Ecava IntegraXor
SQL injection vulnerability in Ecava IntegraXor before 5.0 build 4522 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
network
low complexity
ecava CWE-89
7.3
2016-04-21 CVE-2016-3190 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
The fill_xrgb32_lerp_opaque_spans function in cairo-image-compositor.c in cairo before 1.14.2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a negative span length.
network
low complexity
opensuse cairographics CWE-119
7.5
2016-04-21 CVE-2016-3461 Unspecified vulnerability in Oracle MySQL Enterprise Monitor 3.0.25/3.1.2
Unspecified vulnerability in the MySQL Enterprise Monitor component in Oracle MySQL 3.0.25 and earlier and 3.1.2 and earlier allows remote administrators to affect confidentiality, integrity, and availability via vectors related to Monitoring: Server.
network
low complexity
oracle
7.2
2016-04-21 CVE-2016-3456 Unspecified vulnerability in Oracle Complex Maintenance Repair and Overhaul 12.1.1/12.1.2/12.1.3
Unspecified vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul component in Oracle Supply Chain Products Suite 12.1.1, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Dialog Box.
network
low complexity
oracle
8.2
2016-04-21 CVE-2016-3455 Unspecified vulnerability in Oracle Outside In Technology 8.5.0/8.5.1/8.5.2
Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Outside In Filters.
network
low complexity
oracle
8.6