Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-08-14 CVE-2017-12853 Cross-Site Request Forgery (CSRF) vulnerability in Rtsindia Rwr-3G-100 Firmware 1.0.56
The RealTime RWR-3G-100 Router Firmware Version: Ver1.0.56 is affected by CSRF, an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated.
network
low complexity
rtsindia CWE-352
8.8
2017-08-14 CVE-2017-12851 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Kanboard
An authenticated standard user could reset the password of the admin by altering form data.
network
low complexity
kanboard CWE-640
8.8
2017-08-14 CVE-2017-12850 Weak Password Recovery Mechanism for Forgotten Password vulnerability in Kanboard
An authenticated standard user could reset the password of other users (including the admin) by altering form data.
network
low complexity
kanboard CWE-640
8.8
2017-08-14 CVE-2017-11156 Incorrect Permission Assignment for Critical Resource vulnerability in Synology Download Station
Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 uses weak permissions (0777) for the ui/dlm/btsearch directory, which allows remote authenticated users to execute arbitrary code by uploading an executable via unspecified vectors.
local
low complexity
synology CWE-732
7.8
2017-08-14 CVE-2017-11150 OS Command Injection vulnerability in Synology Office 2.2.0-1502/2.2.1-1506
Command injection vulnerability in Document.php in Synology Office 2.2.0-1502 and 2.2.1-1506 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the crafted file name of RTF documents.
local
low complexity
synology CWE-78
7.8
2017-08-14 CVE-2017-9661 Uncontrolled Search Path Element vulnerability in Simplight Scada 4.3.0.27
An Uncontrolled Search Path Element issue was discovered in SIMPlight SCADA Software version 4.3.0.27 and prior.
local
high complexity
simplight CWE-427
7.0
2017-08-14 CVE-2017-9660 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Fujielectric Monitouch V-Sft 5.4.42.0
A Heap-Based Buffer Overflow was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0.
network
low complexity
fujielectric CWE-119
8.8
2017-08-14 CVE-2017-9659 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Fujielectric Monitouch V-Sft 5.4.42.0
A Stack-Based Buffer Overflow issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0.
network
low complexity
fujielectric CWE-119
8.8
2017-08-14 CVE-2017-9648 Uncontrolled Search Path Element vulnerability in Solarcontrols Wattconfig M 2.5.10.1
An Uncontrolled Search Path Element issue was discovered in Solar Controls WATTConfig M Software Version 2.5.10.1 and prior.
local
low complexity
solarcontrols CWE-427
7.8
2017-08-14 CVE-2017-9646 Uncontrolled Search Path Element vulnerability in Solarcontrols Heating Control Downloader 1.0.1.15
An Uncontrolled Search Path Element issue was discovered in Solar Controls Heating Control Downloader (HCDownloader) Version 1.0.1.15 and prior.
local
low complexity
solarcontrols CWE-427
7.8