Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-01-05 | CVE-2017-4946 | Incorrect Authorization vulnerability in VMWare products The VMware V4H and V4PA desktop agents (6.x before 6.5.1) contain a privilege escalation vulnerability. | 7.8 |
| 2018-01-05 | CVE-2017-16905 | Code Injection vulnerability in Duolingo Tinycards The DuoLingo TinyCards application before 1.0 for Android has one use of unencrypted HTTP, which allows remote attackers to spoof content, and consequently achieve remote code execution, via a man-in-the-middle attack. | 8.1 |
| 2018-01-05 | CVE-2017-16753 | Improper Input Validation vulnerability in Advantech Webaccess An Improper Input Validation issue was discovered in Advantech WebAccess versions prior to 8.3. | 7.5 |
| 2018-01-05 | CVE-2017-16728 | NULL Pointer Dereference vulnerability in Advantech Webaccess An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to 8.3. | 7.5 |
| 2018-01-04 | CVE-2018-5220 | Improper Input Validation vulnerability in K7Computing Antivirus 15.1.0306 In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x95002610. | 7.8 |
| 2018-01-04 | CVE-2018-5219 | Improper Input Validation vulnerability in K7Computing Antivirus 15.1.0306 In K7 Antivirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002168. | 7.8 |
| 2018-01-04 | CVE-2018-5218 | Improper Input Validation vulnerability in K7Computing Antivirus 15.1.0306 In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x950025b0. | 7.8 |
| 2018-01-04 | CVE-2018-5217 | Improper Input Validation vulnerability in K7Computing Antivirus 15.1.0306 In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x95002578. | 7.8 |
| 2018-01-04 | CVE-2017-17867 | Incorrect Permission Assignment for Critical Resource vulnerability in Intenogroup Iopsys 2.0/3.14/4.0 Inteno iopsys 2.0-3.14 and 4.0 devices allow remote authenticated users to execute arbitrary OS commands by modifying the leasetrigger field in the odhcpd configuration to specify an arbitrary program, as demonstrated by a program located on an SMB share. | 8.8 |
| 2018-01-04 | CVE-2017-1672 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Security KEY Lifecycle Manager IBM Tivoli Key Lifecycle Manager 2.6 and 2.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |