Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-17 | CVE-2017-1000022 | Incorrect Permission Assignment for Critical Resource vulnerability in Logicaldoc LogicalDoc Community Edition 7.5.3 and prior contain an Incorrect access control which could leave to privilege escalation. | 8.8 |
| 2017-07-17 | CVE-2017-1000021 | XXE vulnerability in Logicaldoc LogicalDoc Community Edition 7.5.3 and prior is vulnerable to XXE when indexing XML documents. | 8.8 |
| 2017-07-17 | CVE-2017-1000018 | Improper Input Validation vulnerability in PHPmyadmin phpMyAdmin 4.0, 4.4., and 4.6 are vulnerable to a DOS attack in the replication status by using a specially crafted table name | 7.5 |
| 2017-07-17 | CVE-2017-1000017 | Server-Side Request Forgery (SSRF) vulnerability in PHPmyadmin phpMyAdmin 4.0, 4.4 and 4.6 are vulnerable to a weakness where a user with appropriate permissions is able to connect to an arbitrary MySQL server | 8.8 |
| 2017-07-17 | CVE-2017-1000016 | Improper Input Validation vulnerability in PHPmyadmin A weakness was discovered where an attacker can inject arbitrary values in to the browser cookies. | 7.5 |
| 2017-07-17 | CVE-2017-1000014 | Improper Input Validation vulnerability in PHPmyadmin phpMyAdmin 4.0, 4.4, and 4.6 are vulnerable to a DOS weakness in the table editing functionality | 7.5 |
| 2017-07-17 | CVE-2017-1000010 | Uncontrolled Search Path Element vulnerability in Audacityteam Audacity Audacity 2.1.2 through 2.3.2 is vulnerable to Dll HIjacking in the avformat-55.dll resulting arbitrary code execution. | 7.8 |
| 2017-07-17 | CVE-2017-1000008 | Cross-Site Request Forgery (CSRF) vulnerability in Chyrp-Lite Project Chyrp Lite 2016.04 Chyrp Lite version 2016.04 is vulnerable to a CSRF in the user settings function allowing attackers to hijack the authentication of logged in users to modify account information, including their password. | 8.8 |
| 2017-07-17 | CVE-2017-1000001 | Improper Input Validation vulnerability in Fedoraproject Fedmsg FedMsg 0.18.1 and older is vulnerable to a message validation flaw resulting in message validation not being enabled if configured to be on. | 7.5 |
| 2017-07-17 | CVE-2017-0152 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge A remote code execution vulnerability exists in the way affected Microsoft scripting engine render when handling objects in memory in Microsoft browsers. | 8.1 |