Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-22 | CVE-2017-14079 | Unrestricted Upload of File with Dangerous Type vulnerability in Trendmicro Mobile Security 9.7 Unrestricted file uploads in Trend Micro Mobile Security (Enterprise) versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations. | 8.8 |
| 2017-09-22 | CVE-2017-11396 | Unspecified vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 Vulnerability issues with the web service inspection of input parameters in Trend Micro Web Security Virtual Appliance 6.5 may allow potential attackers who already have administration rights to the console to implement remote code injections. | 7.2 |
| 2017-09-22 | CVE-2017-11395 | OS Command Injection vulnerability in Trendmicro Smart Protection Server 3.1/3.2 Command injection vulnerability in Trend Micro Smart Protection Server (Standalone) 3.1 and 3.2 server administration UI allows attackers with authenticated access to execute arbitrary code on vulnerable installations. | 8.8 |
| 2017-09-22 | CVE-2017-3770 | Unspecified vulnerability in Lenovo Xclarity Administrator Privilege escalation vulnerability in LXCA versions earlier than 1.3.2 where an authenticated user may be able to abuse certain web interface functionality to execute privileged commands within the underlying LXCA operating system. | 8.8 |
| 2017-09-22 | CVE-2017-14693 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Irfanview 4.44 IrfanView 4.44 - 32bit allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address controls Branch Selection starting at DJVU!GetPlugInInfo+0x000000000001c613." | 7.8 |
| 2017-09-22 | CVE-2017-14692 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375 STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at STDUJBIG2File!DllGetClassObject+0x000000000000653b." | 7.8 |
| 2017-09-22 | CVE-2017-14691 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375 STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .jb2 file, related to "Data from Faulting Address controls Branch Selection starting at ntdll_773a0000!RtlAddAccessAllowedAce+0x000000000000027a." | 7.8 |
| 2017-09-22 | CVE-2017-14690 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375 STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to "Data from Faulting Address controls subsequent Write Address starting at STDUJBIG2File!DllGetClassObject+0x00000000000064e7." | 7.8 |
| 2017-09-22 | CVE-2017-14689 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375 STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at STDUDjVuFile!DllUnregisterServer+0x000000000000328e." | 7.8 |
| 2017-09-22 | CVE-2017-14688 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Stdutility Stdu Viewer 1.6.375 STDU Viewer 1.6.375 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .djvu file, related to a "Read Access Violation starting at STDUDjVuFile!DllUnregisterServer+0x000000000000d917." | 7.8 |