Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-08-29 CVE-2017-10828 Untrusted Search Path vulnerability in NTT Flets Install Tool 12.6.0
Untrusted search path vulnerability in Flets Install Tool all versions distributed through the website till 2017 August 8 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
ntt CWE-426
7.8
2017-08-29 CVE-2017-10827 Untrusted Search Path vulnerability in NTT Flets Azukuu PC Automatic Backup Tool 1.0.3.0
Untrusted search path vulnerability in Flets Azukeru for Windows Auto Backup Tool v1.0.3.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
ntt CWE-426
7.8
2017-08-29 CVE-2017-10826 Untrusted Search Path vulnerability in NTT Security Kinou Mihariban 1.0.21
Untrusted search path vulnerability in Security Kinou Mihariban v1.0.21 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
ntt CWE-426
7.8
2017-08-29 CVE-2017-10812 Untrusted Search Path vulnerability in Nttdocomo Photo Collection PC Software 4.0.2
Untrusted search path vulnerability in Photo Collection PC Software Ver.4.0.2 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
nttdocomo CWE-426
7.8
2017-08-29 CVE-2015-0234 Improper Input Validation vulnerability in Pki-Core Project Pki-Core 10.2.0
Multiple temporary file creation vulnerabilities in pki-core 10.2.0.
network
low complexity
pki-core-project CWE-20
7.5
2017-08-29 CVE-2014-8872 Code Injection vulnerability in AVM products
Improper Verification of Cryptographic Signature in AVM FRITZ!Box 6810 LTE after firmware 5.22, FRITZ!Box 6840 LTE after firmware 5.23, and other models with firmware 5.50.
local
low complexity
avm CWE-94
7.8
2017-08-29 CVE-2014-8393 Uncontrolled Search Path Element vulnerability in Corel products
DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusion.
local
low complexity
corel CWE-427
7.8
2017-08-28 CVE-2015-8332 Improper Authentication vulnerability in Huawei Vcm5010 Firmware and Vcm5020 Firmware
Huawei Video Content Management (VCM) before V100R001C10SPC001 does not properly "authenticate online user identities and privileges," which allows remote authenticated users to gain privileges and perform a case operation as another user via a crafted message, aka "Horizontal Privilege Escalation Vulnerability."
network
low complexity
huawei CWE-287
8.8
2017-08-28 CVE-2015-8300 Permission Issues vulnerability in Polycom Btoe Connector 2.3.0
Polycom BToE Connector before 3.0.0 uses weak permissions (Everyone: Full Control) for "Program Files (x86)\polycom\polycom btoe connector\plcmbtoesrv.exe," which allows local users to gain privileges via a Trojan horse file.
local
low complexity
polycom CWE-275
7.8
2017-08-28 CVE-2017-6594 Improper Certificate Validation vulnerability in multiple products
The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets.
network
low complexity
heimdal-project opensuse CWE-295
7.5