Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-07-17 | CVE-2017-2253 | Untrusted Search Path vulnerability in Yahoo Toolbar 8.0.0.6 Untrusted search path vulnerability in Installer of Yahoo! Toolbar (for Internet explorer) v8.0.0.6 and earlier, with its timestamp prior to June 13, 2017, 18:18:55 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
2017-07-17 | CVE-2017-2252 | Untrusted Search Path vulnerability in Sourcenext File Compact 5.09/6.01/7.01 Untrusted search path vulnerability in self-extracting archive files created by File Compact Ver.5 version 5.10 and earlier, Ver.6 version 6.02 and earlier, Ver.7 version 7.02 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
2017-07-17 | CVE-2017-2249 | Untrusted Search Path vulnerability in Chitora Lhaz+ 3.4.0 Untrusted search path vulnerability in Self-extracting archive files created by Lhaz+ version 3.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
2017-07-17 | CVE-2017-2248 | Untrusted Search Path vulnerability in Chitora Lhaz+ 3.4.0 Untrusted search path vulnerability in Installer of Lhaz+ version 3.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
2017-07-17 | CVE-2017-2247 | Untrusted Search Path vulnerability in Chitora Lhaz 2.4.0 Untrusted search path vulnerability in Self-extracting archive files created by Lhaz version 2.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
2017-07-17 | CVE-2017-2246 | Untrusted Search Path vulnerability in Chitora Lhaz 2.4.0 Untrusted search path vulnerability in Installer of Lhaz version 2.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
2017-07-17 | CVE-2017-1183 | SQL Injection vulnerability in IBM Tivoli Monitoring 6.2.2.9/6.2.3.5/6.3.0.7 IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to modify SQL commands to the Portal Server, when default client-server communications, HTTP, are being used. | 7.5 |
2017-07-17 | CVE-2017-1182 | Unspecified vulnerability in IBM Tivoli Monitoring 6.2.2.9/6.2.3.5/6.3.0.7 IBM Tivoli Monitoring Portal v6 could allow a local (network adjacent) attacker to execute arbitrary commands on the system, when default client-server default communications, HTTP, are being used. high complexity ibm | 7.5 |
2017-07-17 | CVE-2017-1181 | Cleartext Transmission of Sensitive Information vulnerability in IBM Tivoli Monitoring 6.2.2.9/6.2.3.5/6.3.0.7 IBM Tivoli Monitoring Portal V6 client could allow a local attacker to gain elevated privileges for IBM Tivoli Monitoring, caused by the default console connection not being encrypted. | 7.0 |
2017-07-17 | CVE-2017-11347 | Unspecified vulnerability in Metinfo 5.3.17 Authenticated Code Execution Vulnerability in MetInfo 5.3.17 allows a remote authenticated attacker to generate a PHP script with the content of a malicious image, related to admin/include/common.inc.php and admin/app/physical/physical.php. | 8.8 |