Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-09-11 | CVE-2017-14270 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview 2.40 XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at ntdll_77400000!RtlFillMemoryUlong+0x0000000000000010." | 7.8 |
2017-09-11 | CVE-2017-14153 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Jungo Windriver This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. | 7.8 |
2017-09-11 | CVE-2017-14075 | Out-of-bounds Write vulnerability in Jungo Windriver This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. | 7.8 |
2017-09-11 | CVE-2017-14267 | Cross-Site Request Forgery (CSRF) vulnerability in EE 4Gee Wifi MBB Firmware Ee600005.0025 EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices have CSRF, related to goform/AddNewProfile, goform/setWanDisconnect, goform/setSMSAutoRedirectSetting, goform/setReset, and goform/uploadBackupSettings. | 8.8 |
2017-09-11 | CVE-2017-14263 | Session Fixation vulnerability in Honeywell products Honeywell NVR devices allow remote attackers to create a user account in the admin group by leveraging access to a guest account to obtain a session ID, and then sending that session ID in a userManager.addUser request to the /RPC2 URI. | 8.1 |
2017-09-11 | CVE-2017-14262 | Inadequate Encryption Strength vulnerability in Samsung products On Samsung NVR devices, remote attackers can read the MD5 password hash of the 'admin' account via certain szUserName JSON data to cgi-bin/main-cgi, and login to the device with that hash in the szUserPasswd parameter. | 8.1 |
2017-09-11 | CVE-2017-14261 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bento4 1.5.0616 In the SDK in Bento4 1.5.0-616, the AP4_StszAtom class in Ap4StszAtom.cpp file contains a Read Memory Access Violation vulnerability. | 7.8 |
2017-09-11 | CVE-2017-14260 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Axiosys Bento4 1.5.0616 In the SDK in Bento4 1.5.0-616, the AP4_StssAtom class in Ap4StssAtom.cpp contains a Write Memory Access Violation vulnerability. | 7.8 |
2017-09-11 | CVE-2017-14259 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bento4 1.5.0616 In the SDK in Bento4 1.5.0-616, the AP4_StscAtom class in Ap4StscAtom.cpp contains a Write Memory Access Violation vulnerability. | 7.8 |
2017-09-11 | CVE-2017-14258 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bento4 1.5.0616 In the SDK in Bento4 1.5.0-616, SetItemCount in Core/Ap4StscAtom.h file contains a Write Memory Access Violation vulnerability. | 7.8 |