Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-18 | CVE-2017-12440 | Missing Authentication for Critical Function vulnerability in Openstack 07132017 Aodh as packaged in Openstack Ocata and Newton before change-ID I8fd11a7f9fe3c0ea5f9843a89686ac06713b7851 and before Pike-rc1 does not verify that trust IDs belong to the user when creating alarm action with the scheme trust+http, which allows remote authenticated users with knowledge of trust IDs where Aodh is the trustee to obtain a Keystone token and perform unspecified authenticated actions by adding an alarm action with the scheme trust+http, and providing a trust id where Aodh is the trustee. | 7.5 |
| 2017-08-18 | CVE-2017-10665 | Path Traversal vulnerability in PHPgrid Directory traversal vulnerability in ajaxfileupload.php in Kayson Group Ltd. | 7.8 |
| 2017-08-18 | CVE-2017-2289 | Untrusted Search Path vulnerability in Kddi QUA Station Firmware 1.00.03 Untrusted search path vulnerability in Installer of Qua station connection tool for Windows version 1.00.03 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-08-18 | CVE-2017-2228 | Untrusted Search Path vulnerability in Enecho.Meti Teikihoukokusho Sakuseishien Tool 4.0 Untrusted search path vulnerability in Teikihoukokusho Sakuseishien Tool v4.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-08-18 | CVE-2017-12938 | Path Traversal vulnerability in Rarlab Unrar 0.0.1/5.5.4/5.5.6 UnRAR before 5.5.7 allows remote attackers to bypass a directory-traversal protection mechanism via vectors involving a symlink to the . | 7.5 |
| 2017-08-18 | CVE-2017-10824 | Untrusted Search Path vulnerability in Teikoku Databank Type a 5.2 Untrusted search path vulnerability in TDB CA TypeA use software Version 5.2 and earlier, distributed until 10 August 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-08-18 | CVE-2017-10823 | Untrusted Search Path vulnerability in Enecho.Meti Shin Kinkyuji Houkoku Data Nyuryoku Program Untrusted search path vulnerability in Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program (program released on 2011 March 10) Distributed on the website till 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-08-18 | CVE-2017-10822 | Untrusted Search Path vulnerability in Enecho.Meti Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program Untrusted search path vulnerability in Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30) distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-08-18 | CVE-2017-10821 | Untrusted Search Path vulnerability in Enecho.Meti Shin Kikan Toukei Houkoku Data Nyuryokuyou Program Untrusted search path vulnerability in Installer for Shin Kikan Toukei Houkoku Data Nyuryokuyou Program (program released on 2013 September 30) Distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-08-18 | CVE-2017-12937 | Out-of-bounds Read vulnerability in multiple products The ReadSUNImage function in coders/sun.c in GraphicsMagick 1.3.26 has a colormap heap-based buffer over-read. | 8.8 |