Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-08-06 CVE-2017-12581 OS Command Injection vulnerability in Electron
GitHub Electron before 1.6.8 allows remote command execution because of a nodeIntegration bypass vulnerability.
network
high complexity
electron CWE-78
8.1
8.1
2017-08-06 CVE-2017-12568 Unspecified vulnerability in Brother Dcp-J132W Firmware 1.20
Denial of Service vulnerability in Debut embedded httpd 1.20 in Brother DCP-J132W (and probably other DCP models) allows remote attackers to hang the printer (disrupting its network connection) by sending a large amount of HTTP packets.
network
low complexity
brother
7.5
7.5
2017-08-05 CVE-2017-9864 Unspecified vulnerability in SMA products
An issue was discovered in SMA Solar Technology products.
network
low complexity
sma
7.5
7.5
2017-08-05 CVE-2017-9863 Cross-Site Request Forgery (CSRF) vulnerability in SMA products
An issue was discovered in SMA Solar Technology products.
network
low complexity
sma CWE-352
8.8
8.8
2017-08-05 CVE-2017-9862 Information Exposure vulnerability in SMA Sunny Explorer
An issue was discovered in SMA Solar Technology products.
network
low complexity
sma CWE-200
7.5
7.5
2017-08-05 CVE-2017-9858 Information Exposure vulnerability in SMA products
An issue was discovered in SMA Solar Technology products.
network
low complexity
sma CWE-200
7.5
7.5
2017-08-05 CVE-2017-9857 Improper Authentication vulnerability in SMA products
An issue was discovered in SMA Solar Technology products.
network
high complexity
sma CWE-287
8.1
8.1
2017-08-05 CVE-2017-9851 Unspecified vulnerability in SMA Sunny Explorer
An issue was discovered in SMA Solar Technology products.
network
low complexity
sma
7.5
7.5
2017-08-05 CVE-2017-7533 Race Condition vulnerability in Linux Kernel
Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.
local
high complexity
linux CWE-362
7.0
7.0
2017-08-05 CVE-2017-12439 Cross-Site Request Forgery (CSRF) vulnerability in Socusoft Flash Slideshow Maker 5.20
SocuSoft Flash Slideshow Maker Professional through v5.20, when the advanced configuration is used, has an xml_path HTTP parameter that trusts user-supplied input, in conjunction with an unsafe XML configuration file.
network
high complexity
socusoft CWE-352
7.5
7.5