Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-11-01 CVE-2017-16244 Cross-Site Request Forgery (CSRF) vulnerability in Octobercms October 1.0.426
Cross-Site Request Forgery exists in OctoberCMS 1.0.426 (aka Build 426) due to improper validation of CSRF tokens for postback handling, allowing an attacker to successfully take over the victim's account.
network
low complexity
octobercms CWE-352
8.8
8.8
2017-11-01 CVE-2017-14376 Use of Hard-coded Credentials vulnerability in EMC Appsync
EMC AppSync Server prior to 3.5.0.1 contains database accounts with hardcoded passwords that could potentially be exploited by malicious users to compromise the affected system.
local
low complexity
emc CWE-798
7.8
7.8
2017-10-31 CVE-2017-10954 Integer Overflow or Wraparound vulnerability in Bitdefender Internet Security 2018
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security Internet Security 2018 prior to build 7.72918.
network
low complexity
bitdefender CWE-190
8.8
8.8
2017-10-31 CVE-2017-10953 Improper Input Validation vulnerability in Foxitsoftware Foxit Reader 8.3.0.14878
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878.
network
low complexity
foxitsoftware CWE-20
8.8
8.8
2017-10-31 CVE-2017-10948 Use After Free vulnerability in Foxitsoftware Foxit Reader 8.2.1.6871
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.1.6871.
network
low complexity
foxitsoftware CWE-416
8.8
8.8
2017-10-31 CVE-2017-10947 Use After Free vulnerability in Foxitsoftware Foxit Reader 8.2.1.6871
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.1.6871.
network
low complexity
foxitsoftware CWE-416
8.8
8.8
2017-10-31 CVE-2017-10946 Use After Free vulnerability in Foxitsoftware Foxit Reader 8.2.1.6871
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.1.6871.
network
low complexity
foxitsoftware CWE-416
8.8
8.8
2017-10-31 CVE-2017-10945 Use After Free vulnerability in Foxitsoftware Foxit Reader 8.3.0.14878
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878.
network
low complexity
foxitsoftware CWE-416
8.8
8.8
2017-10-31 CVE-2017-10941 Use After Free vulnerability in Foxitsoftware Foxit Reader 8.3.0.14878
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.3.0.14878.
network
low complexity
foxitsoftware CWE-416
8.8
8.8
2017-10-31 CVE-2017-10940 Unrestricted Upload of File with Dangerous Type vulnerability in Joyent Triton Datacenter
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Joyent Smart Data Center prior to [email protected] (e469cf49-4de3-4658-8419-ab42837916ad).
network
low complexity
joyent CWE-434
8.8
8.8