Vulnerabilities > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2017-11-13 | CVE-2017-9314 | Improper Authentication vulnerability in Dahuasecurity products | Authentication vulnerability found in Dahua NVR models NVR50XX, NVR52XX, NVR54XX, NVR58XX with software before DH_NVR5xxx_Eng_P_V2.616.0000.0.R.20171102. | network | low complexity | dahuasecurity | CWE-287 | 8.8 |
| 2017-11-13 | CVE-2017-3767 | Unspecified vulnerability in Realtek Audio Driver Firmware | A local privilege escalation vulnerability was identified in the Realtek audio driver versions prior to 6.0.1.8224 in some Lenovo ThinkPad products. | local | low complexity | realtek | | 7.8 |
| 2017-11-13 | CVE-2017-3166 | Incorrect Permission Assignment for Critical Resource vulnerability in Apache Hadoop | In Apache Hadoop versions 2.6.1 to 2.6.5, 2.7.0 to 2.7.3, and 3.0.0-alpha1, if a file in an encryption zone with access permissions that make it world readable is localized via YARN's localization mechanism, that file will be stored in a world-readable location and can be shared freely with any application that requests to localize that file. | local | low complexity | apache | CWE-732 | 7.8 |
| 2017-11-13 | CVE-2017-10885 | Untrusted Search Path vulnerability in Sbisec Hyper SBI 2.2 | Untrusted search path vulnerability in HYPER SBI Ver. | local | low complexity | sbisec | CWE-426 | 7.8 |
| 2017-11-13 | CVE-2017-10875 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Iodata LAN Disk Connect Firmware 2.02 | I-O DATA DEVICE LAN DISK Connect Ver2.02 and earlier allows an attacker to cause a denial of service in the application via unspecified vectors. | network | low complexity | iodata | CWE-119 | 7.5 |
| 2017-11-13 | CVE-2016-6803 | Untrusted Search Path vulnerability in Apache Openoffice | An installer defect known as an "unquoted Windows search path vulnerability" affected the Apache OpenOffice before 4.1.3 installers for Windows. | local | low complexity | apache | CWE-426 | 7.8 |
| 2017-11-13 | CVE-2017-14711 | Insufficiently Protected Credentials vulnerability in Kickbase Bundesliga Manager | The Kickbase GmbH "Kickbase Bundesliga Manager" app before 2.2.1 -- aka kickbase-bundesliga-manager/id678241305 -- for iOS is vulnerable to a credentials leak due to transmitting a username and password in cleartext from client to server during registration and authentication. | network | high complexity | kickbase | CWE-522 | 8.1 |
| 2017-11-13 | CVE-2017-11169 | Unspecified vulnerability in Iball Ib-Wra300N3Gt Firmware 1.1.1 | Privilege Escalation on iBall iB-WRA300N3GT iB-WRA300N3GT_1.1.1 devices allows remote authenticated users to obtain root privileges by leveraging a guest/user/normal account to submit a modified privilege parameter to /form2userconfig.cgi. | network | low complexity | iball | | 8.8 |
| 2017-11-13 | CVE-2017-7132 | Resource Exhaustion vulnerability in Apple mac OS X | An issue was discovered in certain Apple products. | local | low complexity | apple | CWE-400 | 7.8 |
| 2017-11-13 | CVE-2017-13843 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X | An issue was discovered in certain Apple products. | local | low complexity | apple | CWE-119 | 7.8 |