Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-19 | CVE-2017-6016 | Unspecified vulnerability in Leao Consultoria E Desenvolvimento DE Sistemas Ltda ME Laquis Scada An Improper Access Control issue was discovered in LCDS - Leao Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA. | 7.3 |
| 2017-05-19 | CVE-2017-5177 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Vipa Controls Winplc7 Firmware 5.0.45.5921 A Stack Buffer Overflow issue was discovered in VIPA Controls WinPLC7 5.0.45.5921 and prior. | 7.5 |
| 2017-05-19 | CVE-2017-5176 | Uncontrolled Search Path Element vulnerability in Rockwellautomation Connected Components Workbench 9.01.00 A DLL Hijack issue was discovered in Rockwell Automation Connected Components Workbench (CCW). | 7.0 |
| 2017-05-18 | CVE-2017-6652 | Improper Input Validation vulnerability in Cisco Telepresence Ix5000 8.2.0Base A vulnerability in the web framework of the Cisco TelePresence IX5000 Series could allow an unauthenticated, remote attacker to access arbitrary files on an affected device. | 7.5 |
| 2017-05-18 | CVE-2017-6623 | Improper Privilege Management vulnerability in Cisco Policy Suite 10.0.0/10.1.0/11.0.0 A vulnerability in a script file that is installed as part of the Cisco Policy Suite (CPS) Software distribution for the CPS appliance could allow an authenticated, local attacker to escalate their privilege level to root. | 7.8 |
| 2017-05-18 | CVE-2017-6621 | Information Exposure vulnerability in Cisco Prime Collaboration Provisioning A vulnerability in the web interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to access sensitive data. | 7.5 |
| 2017-05-18 | CVE-2017-3980 | Path Traversal vulnerability in Mcafee Epolicy Orchestrator A directory traversal vulnerability in the ePO Extension in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, and 5.1.3 and earlier allows remote authenticated users to execute a command of their choice via an authenticated ePO session. | 7.2 |
| 2017-05-18 | CVE-2017-9069 | Unrestricted Upload of File with Dangerous Type vulnerability in Modx Revolution In MODX Revolution before 2.5.7, a user with file upload permissions is able to execute arbitrary code by uploading a file with the name .htaccess. | 8.8 |
| 2017-05-18 | CVE-2017-9067 | Path Traversal vulnerability in multiple products In MODX Revolution before 2.5.7, when PHP 5.3.3 is used, an attacker is able to include and execute arbitrary files on the web server due to insufficient validation of the action parameter to setup/index.php, aka directory traversal. | 7.0 |
| 2017-05-18 | CVE-2017-9066 | Server-Side Request Forgery (SSRF) vulnerability in multiple products In WordPress before 4.7.5, there is insufficient redirect validation in the HTTP class, leading to SSRF. | 8.6 |