Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-29 | CVE-2017-13740 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Liblouis 3.2.0 There is a stack-based buffer overflow in Liblouis 3.2.0, triggered in the function parseChars() in compileTranslationTable.c, that will lead to denial of service or possibly unspecified other impact. | 8.8 |
| 2017-08-29 | CVE-2017-13739 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Liblouis 3.2.0 There is a heap-based buffer overflow that causes a more than two thousand bytes out-of-bounds write in Liblouis 3.2.0, triggered in the function resolveSubtable() in compileTranslationTable.c. | 8.8 |
| 2017-08-29 | CVE-2017-13738 | Out-of-bounds Read vulnerability in Liblouis 3.2.0 There is an illegal address access in the _lou_getALine function in compileTranslationTable.c:346 in Liblouis 3.2.0. | 8.8 |
| 2017-08-29 | CVE-2017-13735 | Improper Input Validation vulnerability in Libraw 0.18.2 There is a floating point exception in the kodak_radc_load_raw function in dcraw_common.cpp in LibRaw 0.18.2. | 7.5 |
| 2017-08-29 | CVE-2017-13728 | Infinite Loop vulnerability in GNU Ncurses 6.0 There is an infinite loop in the next_char function in comp_scan.c in ncurses 6.0, related to libtic. | 7.5 |
| 2017-08-29 | CVE-2017-3757 | Unquoted Search Path or Element vulnerability in EMC Elan Touchpad Driver 11.4.1.6 An unquoted service path vulnerability was identified in the driver for the ElanTech Touchpad, various versions, used on some Lenovo brand notebooks (not ThinkPads). | 7.8 |
| 2017-08-29 | CVE-2017-3746 | Unspecified vulnerability in Lenovo Thinkpad USB 3.0 Ethernet Adapter Driver ThinkPad USB 3.0 Ethernet Adapter (part number 4X90E51405) driver, various versions, was found to contain a privilege escalation vulnerability that could allow a local user to execute arbitrary code with administrative or system level privileges. | 7.8 |
| 2017-08-29 | CVE-2017-2242 | Untrusted Search Path vulnerability in NTT Flets Setsuzoku Tool Untrusted search path vulnerability in Flets Setsuzoku Tool for Windows all versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-08-29 | CVE-2017-10844 | Code Injection vulnerability in Basercms baserCMS 3.0.14 and earlier, 4.0.5 and earlier allows an attacker to execute arbitrary PHP code on the server via unspecified vectors. | 8.8 |
| 2017-08-29 | CVE-2017-10843 | Unspecified vulnerability in Basercms baserCMS version 3.0.14 and earlier, 4.0.5 and earlier allows remote attackers to delete arbitrary files via unspecified vectors when the "File" field is being used in the mail form. | 7.5 |