Vulnerabilities > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VENDOR / CWE | RISK |
|---|---|---|---|---|---|
| 2017-10-23 | CVE-2017-15808 | Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq | In phpMyFaq before 2.9.9, there is CSRF in admin/ajax.config.php. | phpmyfaq, CWE-352 | network, low complexity, 8.8 |
| 2017-10-23 | CVE-2010-2232 | Improper Access Control vulnerability in Apache Derby | In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export processing may allow an attacker to overwrite an existing file. | apache, CWE-284 | network, low complexity, 7.5 |
| 2017-10-23 | CVE-2017-9946 | Improper Authentication vulnerability in Siemens products | A vulnerability has been identified in Siemens APOGEE PXC and TALON TC BACnet Automation Controllers in all versions <V3.5. | siemens, CWE-287 | network, low complexity, 7.5 |
| 2017-10-23 | CVE-2017-15805 | Path Traversal vulnerability in Cisco products | Cisco Small Business SA520 and SA540 devices with firmware 2.1.71 and 2.2.0.7 allow ../ directory traversal in scgi-bin/platform.cgi via the thispage parameter, for reading arbitrary files. | cisco, CWE-22 | network, low complexity, 7.5 |
| 2017-10-23 | CVE-2017-15567 | Unspecified vulnerability in Idemia MSO 1300 Firmware | The certificate import component in IDEMIA (formerly Morpho) MorphoSmart 1300 Series (aka MSO 1300 Series) devices allows local users to obtain a command shell, and consequently gain privileges, via unspecified vectors. | idemia | local, low complexity, 7.8 |
| 2017-10-23 | CVE-2017-15378 | SQL Injection vulnerability in Softwarepublico E-Sic 1.0 | SQL Injection exists in the E-Sic 1.0 password reset parameter (aka the cpfcnpj parameter to the /reset URI). | softwarepublico, CWE-89 | network, low complexity, 8.8 |
| 2017-10-23 | CVE-2017-15377 | Unspecified vulnerability in Openinfosecfoundation Suricata | In Suricata before 4.x, it was possible to trigger lots of redundant checks on the content of crafted network traffic with a certain signature, because of DetectEngineContentInspection in detect-engine-content-inspection.c. | openinfosecfoundation | network, low complexity, 7.5 |
| 2017-10-23 | CVE-2017-14332 | Unspecified vulnerability in Extremenetworks Extremexos | Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to hijack sessions by determining SessionID values. | extremenetworks | network, high complexity, 8.1 |
| 2017-10-23 | CVE-2017-14328 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Extremenetworks Extremexos | Extreme EXOS 15.7, 16.x, 21.x, and 22.x allows remote attackers to trigger a buffer overflow leading to a reboot. | extremenetworks, CWE-119 | network, low complexity, 7.5 |
| 2017-10-23 | CVE-2017-7149 | Unspecified vulnerability in Apple mac OS X | An issue was discovered in certain Apple products. | apple | local, low complexity, 7.8 |