Latest CVE Feed
-
8.8
HIGHCVE-2017-12664
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePALMImage in coders/palm.c.... Read more
Affected Products : imagemagick- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-12663
ImageMagick 7.0.6-2 has a memory leak vulnerability in WriteMAPImage in coders/map.c.... Read more
Affected Products : imagemagick- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2017-12662
ImageMagick 7.0.6-2 has a memory leak vulnerability in WritePDFImage in coders/pdf.c.... Read more
Affected Products : imagemagick- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2017-12655
Cross-Site Scripting (XSS) exists in NexusPHP version v1.5 via the query parameter to log.php in a dailylog action.... Read more
Affected Products : nexusphp- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2017-12637
Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the query string, as exploited in the wild in Augus... Read more
- Actively Exploited
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2016-7976
The PS Interpreter in Ghostscript 9.18 and 9.20 allows remote attackers to execute arbitrary code via crafted userparams.... Read more
Affected Products : ghostscript- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2016-6220
Information Disclosure vulnerability in the Dashboard and Error Pages in Trend Micro Control Manager SP3 6.0.... Read more
Affected Products : control_manager- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
6.1
MEDIUMCVE-2016-3113
Cross-site scripting (XSS) vulnerability in ovirt-engine allows remote attackers to inject arbitrary web script or HTML.... Read more
Affected Products : ovirt-engine- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2015-7871
Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2015-7855
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.... Read more
Affected Products : debian_linux data_ontap oncommand_balance oncommand_performance_manager oncommand_unified_manager ntp clustered_data_ontap rox_ii_firmware ruggedcom_rox_i tim_4r-ie_firmware +3 more products- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2015-7854
Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2015-7853
The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
5.9
MEDIUMCVE-2015-7852
ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2015-7850
ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
8.8
HIGHCVE-2015-7849
Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
9.8
CRITICALCVE-2015-7705
The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.... Read more
Affected Products : data_ontap oncommand_performance_manager oncommand_unified_manager ntp xenserver clustered_data_ontap simatic_cp_443-1_opc_ua_firmware tim_4r-ie_firmware tim_4r-ie_dnp3_firmware tim_4r-ie +1 more products- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2015-7704
The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
6.5
MEDIUMCVE-2015-7702
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2015-7701
Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025
-
7.5
HIGHCVE-2015-7692
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.... Read more
- Published: Aug. 07, 2017
- Modified: Apr. 20, 2025