Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-28 | CVE-2014-9483 | Information Exposure vulnerability in GNU Emacs 24.4 Emacs 24.4 allows remote attackers to bypass security restrictions. | 7.5 |
| 2017-08-28 | CVE-2014-9312 | Unrestricted Upload of File with Dangerous Type vulnerability in 10Web Photo Gallery 1.2.5 Unrestricted File Upload vulnerability in Photo Gallery 1.2.5. | 8.8 |
| 2017-08-28 | CVE-2014-8900 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Urbancode Deploy Cross-site request forgery (CSRF) vulnerability in IBM UrbanCode Release 6.0.1.6 and earlier, 6.1.0.7 and earlier, and 6.1.1.1 and earlier. | 8.8 |
| 2017-08-28 | CVE-2014-8871 | Path Traversal vulnerability in SAP Hybris Directory traversal vulnerability in hybris Commerce software suite 5.0.3.3 and earlier, 5.0.0.3 and earlier, 5.0.4.4 and earlier, 5.1.0.1 and earlier, 5.1.1.2 and earlier, 5.2.0.3 and earlier, and 5.3.0.1 and earlier. | 7.5 |
| 2017-08-28 | CVE-2014-5302 | Path Traversal vulnerability in Manageengine products Directory traversal vulnerability in ServiceDesk Plus and Plus MSP v5 through v9.0 v9030; AssetExplorer v4 to v6.1; SupportCenter v5 to v7.9; IT360 v8 to v10.4 allows remote authenticated users to execute arbitrary code. | 8.8 |
| 2017-08-28 | CVE-2014-5301 | Path Traversal vulnerability in Manageengine products Directory traversal vulnerability in ServiceDesk Plus MSP v5 to v9.0 v9030; AssetExplorer v4 to v6.1; SupportCenter v5 to v7.9; IT360 v8 to v10.4. | 8.8 |
| 2017-08-28 | CVE-2012-2805 | Improper Resource Shutdown or Release vulnerability in Ffmpeg 0.10 Unspecified vulnerability in FFMPEG 0.10 allows remote attackers to cause a denial of service. | 7.5 |
| 2017-08-27 | CVE-2017-13710 | NULL Pointer Dereference vulnerability in GNU Binutils 2.29 The setup_group function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a group section that is too small. | 7.5 |
| 2017-08-27 | CVE-2017-13709 | Improper Input Validation vulnerability in Flightgear 2017.2.1 In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of the global Property Tree. | 7.5 |
| 2017-08-27 | CVE-2017-12595 | Improper Input Validation vulnerability in Qpdf Project Qpdf 6.0.0/7.0.B1 The tokenizer in QPDF 6.0.0 and 7.0.b1 is recursive for arrays and dictionaries, which allows remote attackers to cause a denial of service (stack consumption and segmentation fault) or possibly have unspecified other impact via a PDF document with a deep data structure, as demonstrated by a crash in QPDFObjectHandle::parseInternal in libqpdf/QPDFObjectHandle.cc. | 7.8 |