Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-14 | CVE-2017-11150 | OS Command Injection vulnerability in Synology Office 2.2.01502/2.2.11506 Command injection vulnerability in Document.php in Synology Office 2.2.0-1502 and 2.2.1-1506 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the crafted file name of RTF documents. | 7.8 |
| 2017-08-14 | CVE-2017-9661 | Uncontrolled Search Path Element vulnerability in Simplight Scada 4.3.0.27 An Uncontrolled Search Path Element issue was discovered in SIMPlight SCADA Software version 4.3.0.27 and prior. | 7.0 |
| 2017-08-14 | CVE-2017-9660 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Fujielectric Monitouch V-Sft 5.4.42.0 A Heap-Based Buffer Overflow was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. | 8.8 |
| 2017-08-14 | CVE-2017-9659 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Fujielectric Monitouch V-Sft 5.4.42.0 A Stack-Based Buffer Overflow issue was discovered in Fuji Electric Monitouch V-SFT versions prior to Version 5.4.43.0. | 8.8 |
| 2017-08-14 | CVE-2017-9648 | Uncontrolled Search Path Element vulnerability in Solarcontrols Wattconfig M 2.5.10.1 An Uncontrolled Search Path Element issue was discovered in Solar Controls WATTConfig M Software Version 2.5.10.1 and prior. | 7.8 |
| 2017-08-14 | CVE-2017-9646 | Uncontrolled Search Path Element vulnerability in Solarcontrols Heating Control Downloader 1.0.1.15 An Uncontrolled Search Path Element issue was discovered in Solar Controls Heating Control Downloader (HCDownloader) Version 1.0.1.15 and prior. | 7.8 |
| 2017-08-11 | CVE-2015-3614 | Information Exposure vulnerability in Fortinet Fortimanager Firmware Fortinet FortiManager 5.0.x before 5.0.11, 5.2.x before 5.2.2 allows remote attackers to obtain arbitrary files via vectors involving another unspecified vulnerability. | 7.5 |
| 2017-08-11 | CVE-2015-1783 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The prefix variable in the get_or_define_ns function in Lasso before commit 6d854cef4211cdcdbc7446c978f23ab859847cdd allows remote attackers to cause a denial of service (uninitialized memory access and application crash) via unspecified vectors. | 7.5 |
| 2017-08-11 | CVE-2017-6328 | Cross-Site Request Forgery (CSRF) vulnerability in Symantec Message Gateway The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of cross site request forgery (also known as one-click attack and is abbreviated as CSRF or XSRF), which is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the web application trusts. | 8.8 |
| 2017-08-11 | CVE-2017-6327 | Unspecified vulnerability in Symantec Message Gateway The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process. | 8.8 |