Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-15 | CVE-2017-10855 | Untrusted Search Path vulnerability in Fujitsu Fence-Explorer 8.4.1 Untrusted search path vulnerability in FENCE-Explorer for Windows V8.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-09-15 | CVE-2017-10846 | Missing Authorization vulnerability in Nttdocomo Wi-Fi Station L-02F Firmware L02Fmdm9625V10Hjun232017Dcmjp/V10B Wi-Fi STATION L-02F Software version V10b and earlier allows remote attackers to bypass access restrictions to obtain information on device settings via unspecified vectors. | 7.5 |
| 2017-09-15 | CVE-2017-4924 | Out-of-bounds Write vulnerability in VMWare Esxi, Fusion and Workstation PRO VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-bounds write vulnerability in SVGA device. | 8.8 |
| 2017-09-15 | CVE-2017-14484 | Improper Privilege Management vulnerability in Gentoo Sci-Mathematics-Gimps 28.10 The Gentoo sci-mathematics/gimps package before 28.10-r1 for Great Internet Mersenne Prime Search (GIMPS) allows local users to gain privileges by creating a hard link under /var/lib/gimps, because an unsafe "chown -R" command is executed. | 7.3 |
| 2017-09-14 | CVE-2017-2809 | Code Injection vulnerability in Ansible-Vault Project Ansible-Vault An exploitable vulnerability exists in the yaml loading functionality of ansible-vault before 1.0.5. | 7.8 |
| 2017-09-14 | CVE-2017-0782 | Classic Buffer Overflow vulnerability in Google Android A remote code execution vulnerability in the Android system (bluetooth). | 8.8 |
| 2017-09-14 | CVE-2017-0781 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android A remote code execution vulnerability in the Android system (bluetooth). | 8.8 |
| 2017-09-14 | CVE-2017-14482 | GNU Emacs before 25.3 allows remote attackers to execute arbitrary code via email with crafted "Content-Type: text/enriched" data containing an x-display XML element that specifies execution of shell commands, related to an unsafe text/enriched extension in lisp/textmodes/enriched.el, and unsafe Gnus support for enriched and richtext inline MIME objects in lisp/gnus/mm-view.el. | 8.8 |
| 2017-09-14 | CVE-2017-1002151 | Missing Authorization vulnerability in Redhat Pagure Pagure 3.3.0 and earlier is vulnerable to loss of confidentially due to improper authorization | 7.5 |
| 2017-09-14 | CVE-2017-1002026 | SQL Injection vulnerability in Eventespresso Event Espresso 3.1.37.11.L Vulnerability in wordpress plugin Event Expresso Free v3.1.37.11.L, The function edit_event_category does not sanitize user-supplied input via the $id parameter before passing it into an SQL statement. | 8.8 |