Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2017-10-12 | CVE-2017-10864 | Untrusted Search Path vulnerability in Hitachi-Solutions Confidential File Viewer | Untrusted search path vulnerability in Installer of HIBUN Confidential File Viewer prior to 11.20.0001 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
2017-10-12 | CVE-2017-10863 | Untrusted Search Path vulnerability in Hitachi-Solutions Confidential File Decryption | Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
2017-10-12 | CVE-2017-9514 | Incorrect Permission Assignment for Critical Resource vulnerability in Atlassian Bamboo | Bamboo before 6.0.5, 6.1.x before 6.1.4, and 6.2.x before 6.2.1 had a REST endpoint that parsed a YAML file and did not sufficiently restrict which classes could be loaded. | 8.8 |
2017-10-12 | CVE-2017-15286 | NULL Pointer Dereference vulnerability in Sqlite 3.20.1 | SQLite 3.20.1 has a NULL pointer dereference in tableColumnList in shell.c because it fails to consider certain cases where `sqlite3_step(pStmt)==SQLITE_ROW` is false and a data structure is never initialized. | 7.5 |
2017-10-12 | CVE-2017-15285 | Improper Input Validation vulnerability in Qualiteam X-Cart | X-Cart 5.2.23, 5.3.1.9, 5.3.2.13, and 5.3.3 is vulnerable to Remote Code Execution. | 8.8 |
2017-10-12 | CVE-2017-15281 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products | ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised value(s)." | 8.8 |
2017-10-11 | CVE-2017-8025 | Improper Input Validation vulnerability in EMC Archer GRC Platform 6.2.0.4 | RSA Archer GRC Platform prior to 6.2.0.5 is affected by an arbitrary file upload vulnerability. | 7.4 |
2017-10-11 | CVE-2017-2888 | Integer Overflow or Wraparound vulnerability in multiple products | An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. | 8.8 |
2017-10-11 | CVE-2017-2887 | Out-of-bounds Write vulnerability in multiple products | An exploitable buffer overflow vulnerability exists in the XCF property handling functionality of SDL_image 2.0.1. | 8.8 |
2017-10-11 | CVE-2017-15264 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Irfanview 4.44 | IrfanView version 4.44 (32bit) allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .tif file, related to "Data from Faulting Address is used as one or more arguments in a subsequent Function Call starting at image00000000_00400000+0x00000000000236e4." | 7.8 |