Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-13 | CVE-2017-14426 | Use of Hard-coded Credentials vulnerability in Dlink Dir-850L Firmware D-Link DIR-850L REV. | 7.8 |
| 2017-09-13 | CVE-2017-14425 | Incorrect Default Permissions vulnerability in Dlink Dir-850L Firmware D-Link DIR-850L REV. | 7.8 |
| 2017-09-13 | CVE-2017-14424 | Incorrect Default Permissions vulnerability in Dlink Dir-850L Firmware D-Link DIR-850L REV. | 7.8 |
| 2017-09-13 | CVE-2017-14423 | Improper Restriction of Excessive Authentication Attempts vulnerability in Dlink Dir-850L Firmware htdocs/parentalcontrols/bind.php on D-Link DIR-850L REV. | 7.5 |
| 2017-09-13 | CVE-2017-14422 | Use of Hard-coded Credentials vulnerability in Dlink Dir-850L Firmware D-Link DIR-850L REV. | 7.5 |
| 2017-09-13 | CVE-2017-14418 | Insufficiently Protected Credentials vulnerability in Dlink Dir-850L Firmware The D-Link NPAPI extension, as used in conjunction with D-Link DIR-850L REV. | 8.1 |
| 2017-09-13 | CVE-2017-12612 | Deserialization of Untrusted Data vulnerability in Apache Spark In Apache Spark 1.6.0 until 2.1.1, the launcher API performs unsafe deserialization of data received by its socket. | 7.2 |
| 2017-09-13 | CVE-2016-8744 | Deserialization of Untrusted Data vulnerability in Apache Brooklyn Apache Brooklyn uses the SnakeYAML library for parsing YAML inputs. | 8.8 |
| 2017-09-13 | CVE-2016-8737 | Cross-Site Request Forgery (CSRF) vulnerability in Apache Brooklyn In Apache Brooklyn before 0.10.0, the REST server is vulnerable to cross-site request forgery (CSRF), which could permit a malicious web site to produce a link which, if clicked whilst a user is logged in to Brooklyn, would cause the server to execute the attacker's commands as the user. | 8.8 |
| 2017-09-13 | CVE-2017-7441 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sophos Hitmanpro 3.7.20 In Sophos SurfRight HitmanPro before 3.7.20 Build 286 (included in the HitmanPro.Alert solution and Sophos Clean), a crafted IOCTL with code 0x22E1C0 might lead to kernel data leaks. | 7.2 |