Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-01-19 CVE-2017-12118 Incorrect Authorization vulnerability in Ethereum Cpp-Ethereum
An exploitable improper authorization vulnerability exists in miner_stop API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768).
network
high complexity
ethereum CWE-863
8.1
8.1
2018-01-19 CVE-2017-12116 Incorrect Authorization vulnerability in Ethereum Aleth
An exploitable improper authorization vulnerability exists in miner_setGasPrice API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768).
network
high complexity
ethereum CWE-863
8.1
8.1
2018-01-19 CVE-2017-12113 Incorrect Authorization vulnerability in Ethereum Cpp-Ethereum
An exploitable improper authorization vulnerability exists in admin_nodeInfo API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768).
network
high complexity
ethereum CWE-863
8.1
8.1
2018-01-19 CVE-2017-12117 Incorrect Authorization vulnerability in Ethereum Cpp-Ethereum
An exploitable improper authorization vulnerability exists in miner_start API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768).
network
high complexity
ethereum CWE-863
8.1
8.1
2018-01-19 CVE-2017-12115 Incorrect Authorization vulnerability in Ethereum Cpp-Ethereum
An exploitable improper authorization vulnerability exists in miner_setEtherbase API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768).
network
high complexity
ethereum CWE-863
8.1
8.1
2018-01-19 CVE-2017-12112 Incorrect Authorization vulnerability in Ethereum Cpp-Ethereum
An exploitable improper authorization vulnerability exists in admin_addPeer API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768).
network
high complexity
ethereum CWE-863
8.1
8.1
2018-01-19 CVE-2017-14095 Inclusion of Functionality from Untrusted Control Sphere vulnerability in Trendmicro Smart Protection Server
A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to perform remote command execution via a local file inclusion on a vulnerable system.
network
high complexity
trendmicro CWE-829
8.1
8.1
2018-01-19 CVE-2017-14082 Information Exposure vulnerability in Trendmicro Mobile Security 9.7
An uninitialized pointer information disclosure vulnerability in Trend Micro Mobile Security (Enterprise) versions 9.7 and below could allow an unauthenticated remote attacker to disclosure sensitive information on a vulnerable system.
network
low complexity
trendmicro CWE-200
7.5
7.5
2018-01-19 CVE-2017-11398 DEPRECATED: Information Exposure Through Debug Log Files vulnerability in Trendmicro Smart Protection Server
A session hijacking via log disclosure vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an unauthenticated attacker to hijack active user sessions to perform authenticated requests on a vulnerable system.
network
low complexity
trendmicro CWE-534
8.8
8.8
2018-01-19 CVE-2017-7327 Untrusted Search Path vulnerability in Yandex Browser
Yandex Browser installer for Desktop before 17.4.1 has a DLL Hijacking Vulnerability because an untrusted search path is used for dnsapi.dll, winmm.dll, ntmarta.dll, cryptbase.dll or profapi.dll.
local
low complexity
yandex CWE-426
7.8
7.8