Vulnerabilities > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
|---|---|---|---|---|
| 2017-08-28 | CVE-2012-2805 | Improper Resource Shutdown or Release vulnerability in Ffmpeg 0.10 | Unspecified vulnerability in FFMPEG 0.10 allows remote attackers to cause a denial of service. | network; low complexity; ffmpeg CWE-404; 7.5 |
| 2017-08-27 | CVE-2017-13710 | NULL Pointer Dereference vulnerability in GNU Binutils 2.29 | The setup_group function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a group section that is too small. | network; low complexity; gnu CWE-476; 7.5 |
| 2017-08-27 | CVE-2017-13709 | Improper Input Validation vulnerability in Flightgear 2017.2.1 | In FlightGear before version 2017.3.1, Main/logger.cxx in the FGLogger subsystem allows one to overwrite any file via a resource that affects the contents of the global Property Tree. | network; low complexity; flightgear CWE-20; 7.5 |
| 2017-08-27 | CVE-2017-12595 | Improper Input Validation vulnerability in Qpdf Project Qpdf 6.0.0/7.0.B1 | The tokenizer in QPDF 6.0.0 and 7.0.b1 is recursive for arrays and dictionaries, which allows remote attackers to cause a denial of service (stack consumption and segmentation fault) or possibly have unspecified other impact via a PDF document with a deep data structure, as demonstrated by a crash in QPDFObjectHandle::parseInternal in libqpdf/QPDFObjectHandle.cc. | local; low complexity; qpdf-project CWE-20; 7.8 |
| 2017-08-25 | CVE-2017-12817 | Missing Encryption of Sensitive Data vulnerability in Kaspersky Internet Security 11.12.4.1622 | In Kaspersky Internet Security for Android 11.12.4.1622, some of the application trace files were not encrypted. | network; low complexity; kaspersky CWE-311; 7.5 |
| 2017-08-25 | CVE-2017-9650 | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products | An Unrestricted Upload of File with Dangerous Type issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. | local; low complexity; automatedlogic carrier CWE-434; 7.8 |
| 2017-08-25 | CVE-2017-9644 | Unquoted Search Path or Element vulnerability in multiple products | An Unquoted Search Path or Element issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web 6.5 and prior; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC WebCTRL, i-Vu, SiteScan Web 5.5 and prior; and ALC WebCTRL, i-Vu, SiteScan Web 5.2 and prior. | local; high complexity; automatedlogic carrier CWE-428; 7.0 |
| 2017-08-25 | CVE-2017-7930 | Improper Authentication vulnerability in Osisoft PI Data Archive | An Improper Authentication issue was discovered in OSIsoft PI Server 2017 PI Data Archive versions prior to 2017. | network; high complexity; osisoft CWE-287; 7.4 |
| 2017-08-25 | CVE-2017-7926 | Cross-Site Request Forgery (CSRF) vulnerability in Osisoft PI web API 1.8 | A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). | network; low complexity; osisoft CWE-352; 8.8 |
| 2017-08-25 | CVE-2017-12857 | Information Exposure vulnerability in Polycom Unified Communications Software | Polycom SoundStation IP, VVX, and RealPresence Trio that are running software older than UCS 4.0.12, 5.4.5 rev AG, 5.4.7, 5.5.2, or 5.6.0 are affected by a vulnerability in their UCS web application. | network; low complexity; polycom CWE-200; 8.8 |