Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-08 | CVE-2011-4343 | Information Exposure vulnerability in Apache Myfaces Information disclosure vulnerability in Apache MyFaces Core 2.0.1 through 2.0.10 and 2.1.0 through 2.1.4 allows remote attackers to inject EL expressions via crafted parameters. | 7.5 |
| 2017-08-08 | CVE-2010-2245 | XXE vulnerability in Apache Wink XML External Entity (XXE) vulnerability in Apache Wink 1.1.1 and earlier allows remote attackers to read arbitrary files or cause a denial of service via a crafted XML document. | 7.4 |
| 2017-08-08 | CVE-2017-11741 | Incorrect Default Permissions vulnerability in Hashicorp Vagrant VMWare Fusion HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.24 uses weak permissions for the sudo helper scripts, allows local users to execute arbitrary code with root privileges by overwriting one of the scripts. | 8.8 |
| 2017-08-08 | CVE-2017-11155 | Information Exposure vulnerability in Synology Photo Station An information exposure vulnerability in index.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to obtain sensitive system information via unspecified vectors. | 7.5 |
| 2017-08-08 | CVE-2017-11154 | Unrestricted Upload of File with Dangerous Type vulnerability in Synology Photo Station Unrestricted file upload vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to create arbitrary PHP scripts via the type parameter. | 7.2 |
| 2017-08-08 | CVE-2017-11152 | Path Traversal vulnerability in Synology Photo Station Directory traversal vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to write arbitrary files via the path parameter. | 7.5 |
| 2017-08-08 | CVE-2017-10246 | Unspecified vulnerability in Oracle Application Object Library Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: iHelp). | 8.2 |
| 2017-08-08 | CVE-2017-10245 | Unspecified vulnerability in Oracle General Ledger Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Account Hierarchy Manager). | 7.5 |
| 2017-08-08 | CVE-2017-10242 | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). | 7.3 |
| 2017-08-08 | CVE-2017-10241 | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). | 7.3 |