Lucene search
K
SymantecRecent

6867 matches found

Symantec
Symantec
•added 2019/10/23 12:0 a.m.•28 views

Multiple IBM Products CVE-2019-4461 HTTP Response Splitting Vulnerability

Description Multiple IBM Products are prone to an HTTP response-splitting vulnerability. Attackers can leverage this issue to influence or misrepresent how web content is served, cached, or interpreted. This could aid in various attacks that try to entice client users into having a false sense of...

3.5CVSS0.1AI score0.00561EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2019/10/23 12:0 a.m.•29 views

Multiple IBM Products CVE-2019-4395 Local Information Disclosure Vulnerability

Description Multiple IBM products are prone to a local information-disclosure vulnerability. Exploiting this issue may allow a local attacker to obtain sensitive information that may aid in further attacks. Technologies Affected IBM Cloud Orchestrator 2.4 IBM Cloud Orchestrator 2.4.0.1 IBM Cloud...

2.1CVSS1.2AI score0.00307EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2019/10/23 12:0 a.m.•28 views

IBM Cloud Orchestrator CVE-2019-4397 Information Disclosure Vulnerability

Description IBM Cloud Orchestrator is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. The following versions are affected: IBM Cloud Orchestrator 2.5, 2.5.0.1, 2.5.0.2, 2.5.0.3, 2.5.0.4...

0.5AI score0.00957EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2019/10/23 12:0 a.m.•29 views

IBM Cloud Orchestrator CVE-2019-4399 Information Disclosure Vulnerability

Description IBM Cloud Orchestrator is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. The following versions are vulnerable: IBM Cloud Orchestrator 2.5, 2.5.0.1, 2.5.0.2, 2.5.0.3,...

5CVSS0.5AI score0.00792EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2019/10/23 12:0 a.m.•25 views

IBM Cloud Orchestrator CVE-2019-4398 Local Information Disclosure Vulnerability

Description IBM Cloud Orchestrator is prone to local information-disclosure vulnerability. Exploiting this issue may allow a local attacker to obtain sensitive information that may aid in further attacks. IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise versions 2.5, 2.5.0.1, 2.5.0.2,...

1.2AI score0.00307EPSS
Exploits0Affected Software2
Symantec
Symantec
•added 2019/10/22 12:0 a.m.•20 views

ABB Relion 670 Series CVE-2019-18253 Directory Traversal Vulnerability

Description ABB Relion 670 Series is prone to a directory-traversal vulnerability. Remote attackers may use a specially crafted request with directory-traversal sequences '../' to retrieve sensitive information. This may aid in further attacks. The following ABB products are affected: Relion 670...

2AI score0.0198EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/22 12:0 a.m.•27 views

IBM Security Guardium Big Data Intelligence CVE-2019-4339 Information Disclosure Vulnerability

Description IBM Security Guardium Big Data Intelligence is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected IBM Security Guardium Big Data Intelligence 4.0 Recommendations Bloc...

5CVSS1.1AI score0.00976EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/10/22 12:0 a.m.•23 views

OpenAFS CVE-2019-18602 Information Disclosure Vulnerability

Description OpenAFS is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. The following versions are affected: OpenAFS 1.0 through 1.6.23 OpenAFS 1.8.0 through 1.8.4 Technologies Affected OpenAFS...

5CVSS0.2AI score0.01532EPSS
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/10/22 12:0 a.m.•81 views

Mozilla Firefox ESR CVE-2019-11758 Memory Corruption Vulnerability

Description Mozilla Firefox ESR is prone to a memory-corruption vulnerability. A remote attacker can leverage this issue to execute arbitrary code within the context of the application. Successful exploits will compromise the application and possibly the underlying system. This issue is fixed in:...

0.1AI score0.01326EPSS
Exploits1References3Affected Software2
Symantec
Symantec
•added 2019/10/22 12:0 a.m.•19 views

OpenAFS CVE-2019-18603 Information Disclosure Vulnerability

Description OpenAFS is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. The following versions are affected: OpenAFS 1.0 through 1.6.23 OpenAFS 1.8.0 through 1.8.4 Technologies Affected OpenAFS...

4.3CVSS0.2AI score0.01207EPSS
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/10/22 12:0 a.m.•26 views

Trend Micro Anti-Threat Toolkit CVE-2019-9491 Remote Code Execution Vulnerability

Description Trend Micro Anti-Threat Toolkit is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in a denial of service condition. The following products are...

5.1CVSS1.2AI score0.12939EPSS
Exploits6
Symantec
Symantec
•added 2019/10/22 12:0 a.m.•24 views

IBM Security Guardium Big Data Intelligence CVE-2019-4329 Security Bypass Vulnerability

Description IBM Security Guardium Big Data Intelligence is prone to a security-bypass vulnerability. Successfully exploiting this issue will allow attackers to bypass security restrictions and perform unauthorized actions; this may aid in launching further attacks. Security Guardium Big Data...

4CVSS0.9AI score0.00897EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/10/22 12:0 a.m.•60 views

Google Chrome Prior to 78 Multiple Security Vulnerabilities

Description Google Chrome is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code in the context of the browser, obtain sensitive information, conduct spoofing attacks, bypass certain security restrictions and perform unauthorized actions or cau...

1.4AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/22 12:0 a.m.•74 views

Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities

Description Mozilla Firefox and Firefox ESR are prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, cause denial-of-service conditions and bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks...

0.6AI score
Exploits0References1Affected Software3
Symantec
Symantec
•added 2019/10/22 12:0 a.m.•33 views

Cloud Foundry UAA CVE-2019-11282 Information Disclosure Vulnerability

Description Cloud Foundry UAA is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. Cloud Foundry UAA versions prior to 74.3.0 are vulnerable. Technologies Affected Cloud Foundry UAA 63.0...

0.5AI score0.01138EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2019/10/22 12:0 a.m.•29 views

Schneider Electric ProClima ICSA-19-295-01 Multiple Remote Code Execution Vulnerabilities

Description Schneider Electric ProClima is prone to multiple remote code-execution vulnerabilities. Attackers can exploit these issues to execute arbitrary code on the system. Schneider Electric ProClima versions prior to 8.0.0 are vulnerable. Technologies Affected Schneider-Electric Proclima 6.0...

0.7AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/22 12:0 a.m.•26 views

IBM Security Guardium Big Data Intelligence CVE-2019-4309 Hardcoded Credentials Vulnerability

Description IBM Security Guardium Big Data Intelligence is prone to a hard-coded credentials vulnerability. An attacker can exploit this issue to gain unauthorized access to the vulnerable system and perform unauthorized actions. Security Guardium Big Data Intelligence 4.0 is vulnerable...

1AI score0.00279EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/10/22 12:0 a.m.•22 views

Mozilla Firefox Multiple Security Vulnerabilities

Description Mozilla Firefox is prone to the following security vulnerabilities: 1. Multiple security-bypass vulnerabilities 2. A security vulnerability Attackers can exploit these issues to bypass certain security restrictions and perform unauthorized actions. This may aid in further attacks...

7.3AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/22 12:0 a.m.•24 views

IBM Security Guardium Big Data Intelligence CVE-2019-4307 Information Disclosure Vulnerability

Description IBM Security Guardium Big Data Intelligence is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. IBM Security Guardium Big Data Intelligence 4.0 is vulnerable. Technologies Affected IBM...

2.1CVSS1.9AI score0.00279EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/10/22 12:0 a.m.•23 views

Cloud Foundry SMB Volume CVE-2019-11283 Information Disclosure Vulnerability

Description Cloud Foundry SMB Volume is prone to an information disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information; this may lead to further attacks. Technologies Affected Cloud Foundry SMB Volume 1.0.0 Cloud Foundry SMB Volume 1.1.0 Cloud Foundry...

1.2AI score0.01455EPSS
Exploits0References1Affected Software4
Symantec
Symantec
•added 2019/10/22 12:0 a.m.•29 views

OpenAFS CVE-2019-18601 Denial of Service Vulnerability

Description OpenAFS is prone to a denial-of-service vulnerability. A remote attacker may exploit this issue to cause a denial-of-service condition; denying service to legitimate users. OpenAFS 1.0 through 1.6.23 and 1.8.0 through 1.8.4 are vulnerable. Technologies Affected OpenAFS Openafs 1.0.0...

5CVSS0.3AI score0.01399EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/22 12:0 a.m.•25 views

IBM Security Guardium Big Data Intelligence CVE-2019-4306 Security Bypass Vulnerability

Description IBM Security Guardium Big Data Intelligence is prone to a security-bypass vulnerability. Successfully exploiting this issue will allow attackers to bypass security restrictions and perform unauthorized actions; this may aid in launching further attacks. Security Guardium Big Data...

0.9AI score0.01023EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/10/22 12:0 a.m.•29 views

IBM Security Guardium Big Data Intelligence CVE-2019-4330 Information Disclosure Vulnerability

Description IBM Security Guardium Big Data Intelligence is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Security Guardium Big Data Intelligence 4.0 is vulnerable; other versions may also be...

4.4AI score0.01116EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/10/21 12:0 a.m.•29 views

IBM API Connect CVE-2019-4600 Information Disclosure Vulnerability

Description IBM API Connect is prone to an information-disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. IBM API Connect 5.0.0.0 through 5.0.8.7 are vulnerable. Technologies Affected IBM API Connect 5.0.0.0 IBM API Connec...

0.7AI score0.01427EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/18 12:0 a.m.•22 views

Fortinet FortiMail Multiple Remote Privilege Escalation Vulnerability

Description Fortinet FortiMail is prone to multiple remote prone privilege-escalation vulnerability. An attacker can exploit these issues to gain elevated privileges, obtain sensitive information or cause denial-of-service conditions. Technologies Affected Fortinet FortiMail 5.4.0 Fortinet...

0.8AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/18 12:0 a.m.•46 views

Fortinet FortiOS CVE-2019-15703 Insufficient Entropy Vulnerability

Description Fortinet FortiOS is prone to an insufficent entropy vulnerability. Remote attackers can exploit this issue to perform side-channel attacks and obtain sensitive information. This aids in other attacks. Technologies Affected Fortinet FortiOS 2.36.0 Fortinet FortiOS 2.50.0 Fortinet Forti...

0.6AI score0.00996EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/18 12:0 a.m.•29 views

Foxit Studio Photo CVE-2019-17138 Out-Of-Bounds Read Information Disclosure Vulnerability

Description Foxit Studio Photo is prone to a information disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information. Foxit Studio Photo 3.6.6.915 and prior are vulnerable. Technologies Affected Foxit Studio Photo 3.6.6.915 Recommendations Block external access at...

4.3CVSS5AI score0.08158EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/18 12:0 a.m.•47 views

libxslt CVE-2019-18197 Arbitrary Code Execution Vulnerability

Description libxslt is prone to an arbitrary code-execution vulnerability. Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions. libxslt version 1.1.33 is...

0.5AI score0.04446EPSS
Exploits0References2Affected Software2
Symantec
Symantec
•added 2019/10/17 12:0 a.m.•22 views

AVEVA IEC870IP Driver CVE-2019-13537 Stack Buffer Overflow Vulnerability

...

4.3AI score0.01297EPSS
Exploits0Affected Software1
Symantec
Symantec
•added 2019/10/17 12:0 a.m.•159 views

Microsoft Visual Studio Code CVE-2019-1414 Local Privilege Escalation Vulnerability

Description Microsoft Visual Studio Code is prone to a local privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Visual Studio Code Recommendations Permit local access for trusted individuals only. Where possible, us...

3.4AI score0.01045EPSS
Exploits1
Symantec
Symantec
•added 2019/10/17 12:0 a.m.•91 views

Apache Thrift CVE-2019-0210 Remote Security Vulnerability

Description Apache Thrift is prone to a remote security vulnerability. An attacker can leverage this issue to bypass security restrictions and perform unauthorized actions. This may aid in further attacks. Apache Thrift versions 0.9.3 through 0.12.0 are vulnerable. Technologies Affected Apache...

1.4AI score0.06793EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/17 12:0 a.m.•16 views

Horner Automation Cscape ICSA-19-290-02 Multiple Arbitrary Code Execution Vulnerabilities

Description Horner Automation Cscape is prone to multiple arbitrary code-execution vulnerabilities. Attackers can exploit these issues to execute arbitrary code within the context of the affected application, crash the device or obtain sensitive information. Versions prior to Horner Automation...

0.9AI score
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/10/17 12:0 a.m.•23 views

Dell EMC RSA Authentication Manager XML External Entity Information Disclosure Vulnerability

Description Dell EMC RSA Authentication Manager is prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may lead to further attacks. Dell RSA Authentication Manager version 8.4 P6 and prior are vulnerable. Technologies...

2.2AI score
Exploits0References2Affected Software2
Symantec
Symantec
•added 2019/10/17 12:0 a.m.•27 views

GNU Guix CVE-2019-18192 Local Privilege Escalation Vulnerability

Description GNU Guix is prone to a local privilege-escalation vulnerability. An attacker may exploit this issue to gain elevated privileges. Successful exploits may aid in further attacks. GNU Guix version 1.0.1 is vulnerable; other versions may also be affected. Technologies Affected GNU Guix...

4.6CVSS2.2AI score0.00344EPSS
Exploits1References2Affected Software1
Symantec
Symantec
•added 2019/10/17 12:0 a.m.•59 views

Citrix NetScaler ADC and NetScaler Gateway CVE-2019-18225 Authentication Bypass Vulnerability

Description Citrix NetScaler Application Delivery Controller ADC and NetScaler Gateway are prone to an authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism. This may aid in further attacks. The following Citrix products are affected: Citri...

0.8AI score0.01509EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/17 12:0 a.m.•28 views

Multiple IBM Products CVE-2019-4546 Unauthorized Access Vulnerability

Description Multiple IBM Products are prone to an unauthorized-access vulnerability Attackers can exploit this issue to gain unauthorized access and perform unauthorized actions. This may aid in further attacks. Technologies Affected IBM Maximo Asset Management IBM Maximo Health Safety and...

6.5CVSS7.2AI score0.0066EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2019/10/16 12:0 a.m.•25 views

Cisco TelePresence CE Software CVE-2019-15273 Multiple Arbitrary File Overwrite Vulnerabilities

Description Cisco TelePresence Collaboration Endpoint Software is prone to multiple local arbitrary file-overwrite vulnerabilities. Successful exploits may allow an attacker to overwrite arbitrary files on the underlying file-system or cause denial-of-service conditions. These issues are being...

1.3AI score0.00271EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/16 12:0 a.m.•36 views

Cisco Wireless LAN Controller Software CVE-2019-15266 Local Directory Traversal Vulnerability

Description Cisco Wireless LAN Controller Software is prone to a local directory-traversal vulnerability. An attacker can exploit this issue using directory-traversal characters '../' to access or read arbitrary files that contain sensitive information or to access files outside of the restricted...

1.7AI score0.0065EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/16 12:0 a.m.•28 views

Multiple Cisco Products CVE-2019-15264 Denial of Service Vulnerability

Description Multiple Cisco Products are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCvo40697. Technologies Affected Cisco Aironet 1540 Series Access Points Cisco Aironet 1560...

2.1AI score0.00457EPSS
Exploits0References1Affected Software3
Symantec
Symantec
•added 2019/10/16 12:0 a.m.•69 views

Apache Thrift CVE-2019-0205 Denial of Service Vulnerability

Description Apache Thrift is prone to a denial-of-service vulnerability. Attackers may leverage this issue to cause the application enter into endless loop, denying service to legitimate users. Apache Thrift version 0.12.0 and prior are vulnerable. Technologies Affected Apache Thrift 0.10.0 Apach...

1.8AI score0.09082EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/16 12:0 a.m.•32 views

Cisco Aironet Access Points CVE-2019-15265 Denial of Service Vulnerability

Description Cisco Aironet Access Points are prone to a denial-of-service vulnerability. An attacker can exploit this issue to cause a denial-of-service condition. This issue is being tracked by Cisco Bug ID CSCvn80147. Technologies Affected Cisco Aironet 1540 Series Access Points Cisco Aironet 15...

1.8AI score0.00318EPSS
Exploits0References1Affected Software2
Symantec
Symantec
•added 2019/10/16 12:0 a.m.•34 views

Cisco SPA100 Series Analog Telephone Adapters CVE-2019-12708 Information Disclosure Vulnerability

Description Cisco SPA100 Series Analog Telephone Adapters are prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvq50520. Technologies Affected...

4CVSS1.7AI score0.01088EPSS
Exploits0References2Affected Software1
Symantec
Symantec
•added 2019/10/16 12:0 a.m.•26 views

Cisco Firepower Management Center CVE-2019-15280 HTML Injection Vulnerability

Description Cisco Firepower Management Center is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attack...

0.3AI score0.00622EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/16 12:0 a.m.•29 views

Cisco Identity Services Engine CVE-2019-12637 Multiple HTML Injection Vulnerabilities

Description Cisco Identity Services Engine is prone to multiple HTML-injection vulnerabilities because it fails to properly validate user-supplied input. Successful exploits will result in the execution of arbitrary attacker-supplied HTML and script code in the context of the affected application...

0.5AI score0.00633EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/16 12:0 a.m.•16 views

Foxit PhantomPDF Multiple Security Vulnerabilities

Description Foxit PhantomPDF is prone to the following vulnerabilities: 1. Multiple arbitrary code-execution vulnerabilities 2. An information disclosure vulnerability 3. A stack-based buffer-overflow vulnerability Attackers can exploit these issues to execute arbitrary code in the context of...

0.9AI score
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/16 12:0 a.m.•23 views

Cisco TelePresence CE Software CVE-2019-15962 Local Arbitrary File Write Vulnerability

Description Cisco TelePresence Collaboration Endpoint Software is prone to a local arbitrary file-write vulnerability. Successful exploits may allow an attacker to write arbitrary files on the root directory. This issue is being tracked by Cisco Bug ID CSCvq47315. Technologies Affected Cisco...

0.8AI score0.00256EPSS
Exploits0References1Affected Software3
Symantec
Symantec
•added 2019/10/16 12:0 a.m.•34 views

Cisco SPA100 Series Analog Telephone Adapters CVE-2019-15257 Information Disclosure Vulnerability

Description Cisco SPA100 Series Analog Telephone Adapters are prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain access to sensitive information that may aid in further attacks. This issue is being tracked by Cisco Bug ID CSCvq50523. Technologies Affected...

4CVSS1.7AI score0.01088EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/16 12:0 a.m.•103 views

Cisco Wireless LAN Controller CVE-2019-15262 Denial of Service Vulnerability

Description Cisco Wireless LAN Controller is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to exhaust resources, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCvp34148. Technologies Affected Cisco Wireless Lan Controller...

1.2AI score0.01415EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/16 12:0 a.m.•27 views

Cisco TelePresence CE Software CVE-2019-15274 Local Command Injection Vulnerability

Description Cisco TelePresence CE Software is prone to a local command-injection vulnerability. An attacker may exploit this issue to inject and execute arbitrary commands. This issue being tracked by Cisco Bug IDs CSCvq29893. Technologies Affected Cisco TelePresence CE Software 8.0.0 Cisco...

7.2CVSS1.3AI score0.00512EPSS
Exploits0References1Affected Software1
Symantec
Symantec
•added 2019/10/16 12:0 a.m.•29 views

Cisco Identity Services Engine CVE-2019-15282 Information Disclosure Vulnerability

Description Cisco Identity Services Engine is prone to an information disclosure vulnerability. An attacker can exploit this issue to obtain sensitive information that may aid in further attacks. This issue is being tracked by Cisco bug ID CSCvq52402. Technologies Affected Cisco Identity Services...

1.1AI score0.01221EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities6867