Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-12-08 CVE-2017-17468 Unspecified vulnerability in Tgsoft Vir.It Explorer 8.5.42
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to gain privileges or cause a denial of service (Arbitrary Write) via a \\.\Viragtlt DeviceIoControl request of 0x82730020, a different vulnerability than CVE-2017-17050.
local
low complexity
tgsoft
7.8
2017-12-08 CVE-2017-17467 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tgsoft Vir.It Explorer 8.5.42
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact via a \\.\Viragtlt DeviceIoControl request of 0x82730074.
local
low complexity
tgsoft CWE-119
7.8
2017-12-08 CVE-2017-17466 Unspecified vulnerability in Tgsoft Vir.It Explorer 8.5.42
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to gain privileges or cause a denial of service (Arbitrary Write) via a \\.\Viragtlt DeviceIoControl request of 0x82730088.
local
low complexity
tgsoft
7.8
2017-12-08 CVE-2017-17463 Information Exposure vulnerability in Vivo Modem Firmware
Vivo modems allow remote attackers to obtain sensitive information by reading the index.cgi?page=wifi HTML source code, as demonstrated by ssid and psk_wepkey fields.
network
low complexity
vivo CWE-200
7.5
2017-12-07 CVE-2017-1000410 Information Exposure vulnerability in multiple products
The Linux kernel version 3.3-rc1 and later is affected by a vulnerability that lies in the processing of incoming L2CAP commands: ConfigRequest and ConfigResponse messages.
network
low complexity
linux debian redhat CWE-200
7.5
2017-12-07 CVE-2017-17459 Unspecified vulnerability in Fossil SCM Fossil
http_transport.c in Fossil before 2.4, when the SSH sync protocol is used, allows user-assisted remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-14176, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117.
network
low complexity
fossil-scm
8.8
2017-12-07 CVE-2017-11937 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Malware Protection Engine
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, Windows Server version 1709, and Microsoft Exchange Server 2013 and 2016 does not properly scan a specially crafted file, leading to remote code execution.
local
low complexity
microsoft CWE-119
7.8
2017-12-07 CVE-2017-1356 SQL Injection vulnerability in IBM Atlas Ediscovery Process Management
IBM Atlas eDiscovery Process Management 6.0.3 is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
8.8
2017-12-07 CVE-2017-1271 Inadequate Encryption Strength vulnerability in IBM Security Guardium 9.0/9.1/9.5
IBM Security Guardium 9.0, 9.1, and 9.5 supports interaction between multiple actors and allows those actors to negotiate which algorithm should be used as a protection mechanism such as encryption or authentication, but it does not select the strongest algorithm that is available to both parties.
network
low complexity
ibm CWE-326
7.5
2017-12-07 CVE-2017-17384 Improper Privilege Management vulnerability in Ispconfig
ISPConfig 3.x before 3.1.9 allows remote authenticated users to obtain root access by creating a crafted cron job.
network
low complexity
ispconfig CWE-269
8.8