Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-07 | CVE-2017-2865 | Unspecified vulnerability in Meetcircle Circle With Disney Firmware 2.0.1 An exploitable vulnerability exists in the firmware update functionality of Circle with Disney. high complexity meetcircle | 7.5 |
| 2017-11-06 | CVE-2017-6331 | Unspecified vulnerability in Symantec Endpoint Protection Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter an issue of Tamper-Protection Bypass, which is a type of attack that bypasses the real time protection for the application that is run on servers and clients. | 7.1 |
| 2017-11-06 | CVE-2017-13681 | Unspecified vulnerability in Symantec Endpoint Protection Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. | 7.8 |
| 2017-11-06 | CVE-2017-14031 | Improper Privilege Management vulnerability in Trihedral Vtscada An Improper Access Control issue was discovered in Trihedral VTScada 11.3.03 and prior. | 7.8 |
| 2017-11-06 | CVE-2017-14029 | Uncontrolled Search Path Element vulnerability in Trihedral Vtscada An Uncontrolled Search Path Element issue was discovered in Trihedral VTScada 11.3.03 and prior. | 7.8 |
| 2017-11-06 | CVE-2017-12719 | NULL Pointer Dereference vulnerability in Advantech Webaccess An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. | 7.5 |
| 2017-11-06 | CVE-2017-16001 | Race Condition vulnerability in Hashicorp Vagrant 5.0.1 In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.1, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges. | 7.8 |
| 2017-11-06 | CVE-2017-15672 | Out-of-bounds Read vulnerability in multiple products The read_header function in libavcodec/ffv1dec.c in FFmpeg 2.4 and 3.3.4 and possibly earlier allows remote attackers to have unspecified impact via a crafted MP4 file, which triggers an out-of-bounds read. | 8.8 |
| 2017-11-06 | CVE-2017-11177 | Improper Input Validation vulnerability in Websense Triton AP Email 8.2 TRITON AP-EMAIL 8.2 before 8.2 IB does not properly restrict file access in an unspecified directory. | 7.5 |
| 2017-11-06 | CVE-2015-7529 | Link Following vulnerability in multiple products sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$hostname-$date. | 7.8 |