Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-01-02 | CVE-2017-1000448 | Path Traversal vulnerability in Structured-Data Structured Data Linter: Structured Data Linter versions 2.4.1 and older are vulnerable to a directory traversal attack in the URL input field resulting in the possibility of disclosing information about the remote host. | 7.5 |
2018-01-02 | CVE-2017-1000412 | Information Exposure vulnerability in Linaro Op-Tee: Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older), is vulnerable to the Bellcore attack in the LibTomCrypt code, resulting in a compromised private RSA key. | 7.5 |
2018-01-02 | CVE-2017-9966 | Unspecified vulnerability in Schneider-Electric Pelco Videoxpert: A privilege escalation vulnerability exists in Schneider Electric's Pelco VideoXpert Enterprise versions 2.0 and prior. | 7.1 |
2018-01-01 | CVE-2018-3814 | Unrestricted Upload of File with Dangerous Type vulnerability in Craftcms Craft CMS 2.6.3000: Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP code by using the "Assets->Upload files" screen and then the "Replace it" option, because this allows a .jpg file to have embedded PHP code, and then be renamed to a .php extension. | 8.8 |
2018-01-01 | CVE-2017-18009 | Out-of-bounds Read vulnerability in Opencv 3.3.1: In OpenCV 3.3.1, a heap-based buffer over-read exists in the function cv::HdrDecoder::checkSignature in modules/imgcodecs/src/grfmt_hdr.cpp. | 7.5 |
2017-12-31 | CVE-2017-17704 | Use of Insufficiently Random Values vulnerability in Swhouse Istar Ultra Firmware 6.5.2.20569: A door-unlocking issue was discovered on Software House iStar Ultra devices through 6.5.2.20569 when used in conjunction with the IP-ACM Ethernet Door Module. | 7.4 |
2017-12-30 | CVE-2017-14855 | Unspecified vulnerability in Redlion HMI Panel Firmware 2.41: Red Lion HMI panels allow remote attackers to cause a denial of service (software exception) via an HTTP POST request to a long URI that does not exist, as demonstrated by version HMI 2.41 PLC 2.42. | 8.6 |
2017-12-30 | CVE-2017-17997 | NULL Pointer Dereference vulnerability in multiple products: In Wireshark before 2.2.12, the MRDISC dissector misuses a NULL pointer and crashes. | 7.5 |
2017-12-30 | CVE-2017-17990 | Cross-Site Request Forgery (CSRF) vulnerability in Iwcnetwork Biometric Shift Employee Management System 4.0: Biometric Shift Employee Management System has CSRF via index.php in an edit_holiday action. | 8.8 |
2017-12-30 | CVE-2017-17987 | Unrestricted Upload of File with Dangerous Type vulnerability in Muslim Matrimonial Script Project Muslim Matrimonial Script 3.0.3: PHP Scripts Mall Muslim Matrimonial Script allows arbitrary file upload via admin/mydetails_edit.php. | 7.2 |