CVE-2017-6950 (gui_for_windows)
SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended security policy restrictions and execute arbitrary code via a crafted ABAP code, aka SAP Security Note 2407616.
Read MoreAuthor: Fortify Security Team
CVE-2013-6446 (cdh)
The JobHistory Server in Cloudera CDH 4.x before 4.6.0 and 5.x before 5.0.0 Beta 2, when using MRv2/YARN with HTTP authentication, allows remote authenticated users to obtain sensitive job information by leveraging failure to...
Read MoreCVE-2015-8622 (mediawiki)
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.23.12, 1.24.x before 1.24.5, 1.25.x before 1.25.4, and 1.26.x before 1.26.1, when is configured with a relative URL, allows remote authenticated users to inject...
Read MoreCVE-2017-6895 (usb_pratirodh)
USB Pratirodh allows remote attackers to conduct XML External Entity (XXE) attacks via XML data in usb.xml.
Read MoreCVE-2015-4166 (key_trustee_server)
Cloudera Key Trustee Server before 5.4.3 does not store keys synchronously, which might allow attackers to have unspecified impact via vectors related to loss of an encryption key.
Read More