Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2018-01-02 CVE-2017-1000452 XML Injection (aka Blind XPath Injection) vulnerability in Samlify Project Samlify
An XML Signature Wrapping vulnerability exists in Samlify 2.2.0 and earlier, and in its predecessor Express-saml2, which could allow attackers to impersonate arbitrary users.
network
high complexity
samlify-project CWE-91
7.5
2018-01-02 CVE-2017-1000451 Unspecified vulnerability in Fs-Git Project Fs-Git
fs-git is a file-system-like API for Git repositories.
local
low complexity
fs-git-project
7.8
2018-01-02 CVE-2017-1000450 Integer Overflow or Wraparound vulnerability in multiple products
In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow.
network
low complexity
opencv debian CWE-190
8.8
2018-01-02 CVE-2017-1000448 Path Traversal vulnerability in Structured-Data Structured Data Linter
Structured Data Linter versions 2.4.1 and older are vulnerable to a directory traversal attack in the URL input field resulting in the possibility of disclosing information about the remote host.
network
low complexity
structured-data CWE-22
7.5
2018-01-02 CVE-2017-1000412 Information Exposure vulnerability in Linaro Op-Tee
Linaro's open source TEE solution, OP-TEE, version 2.4.0 (and older), is vulnerable to the Bellcore attack in the LibTomCrypt code, resulting in a compromised private RSA key.
network
low complexity
linaro CWE-200
7.5
2018-01-02 CVE-2017-9966 Unspecified vulnerability in Schneider-Electric Pelco Videoxpert
A privilege escalation vulnerability exists in Schneider Electric's Pelco VideoXpert Enterprise versions 2.0 and prior.
network
high complexity
schneider-electric
7.1
2018-01-01 CVE-2018-3814 Unrestricted Upload of File with Dangerous Type vulnerability in Craftcms Craft CMS 2.6.3000
Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP code by using the "Assets->Upload files" screen and then the "Replace it" option, because this allows a .jpg file to have embedded PHP code, and then be renamed to a .php extension.
network
low complexity
craftcms CWE-434
8.8
2018-01-01 CVE-2017-18009 Out-of-bounds Read vulnerability in Opencv 3.3.1
In OpenCV 3.3.1, a heap-based buffer over-read exists in the function cv::HdrDecoder::checkSignature in modules/imgcodecs/src/grfmt_hdr.cpp.
network
low complexity
opencv CWE-125
7.5
2017-12-31 CVE-2017-17704 Use of Insufficiently Random Values vulnerability in Swhouse Istar Ultra Firmware 6.5.2.20569
A door-unlocking issue was discovered on Software House iStar Ultra devices through 6.5.2.20569 when used in conjunction with the IP-ACM Ethernet Door Module.
network
high complexity
swhouse CWE-330
7.4
2017-12-30 CVE-2017-14855 Unspecified vulnerability in Redlion HMI Panel Firmware 2.41
Red Lion HMI panels allow remote attackers to cause a denial of service (software exception) via an HTTP POST request to a long URI that does not exist, as demonstrated by version HMI 2.41 PLC 2.42.
network
low complexity
redlion
8.6