Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-08-29 | CVE-2017-10812 | Untrusted Search Path vulnerability in Nttdocomo Photo Collection PC Software 4.0.2 Untrusted search path vulnerability in Photo Collection PC Software Ver.4.0.2 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-08-29 | CVE-2015-0234 | Improper Input Validation vulnerability in Pki-Core Project Pki-Core 10.2.0 Multiple temporary file creation vulnerabilities in pki-core 10.2.0. | 7.5 |
| 2017-08-29 | CVE-2014-8872 | Code Injection vulnerability in AVM products Improper Verification of Cryptographic Signature in AVM FRITZ!Box 6810 LTE after firmware 5.22, FRITZ!Box 6840 LTE after firmware 5.23, and other models with firmware 5.50. | 7.8 |
| 2017-08-29 | CVE-2014-8393 | Uncontrolled Search Path Element vulnerability in Corel products DLL Hijacking vulnerability in CorelDRAW X7, Corel Photo-Paint X7, Corel PaintShop Pro X7, Corel Painter 2015, and Corel PDF Fusion. | 7.8 |
| 2017-08-28 | CVE-2015-8332 | Improper Authentication vulnerability in Huawei Vcm5010 Firmware and Vcm5020 Firmware Huawei Video Content Management (VCM) before V100R001C10SPC001 does not properly "authenticate online user identities and privileges," which allows remote authenticated users to gain privileges and perform a case operation as another user via a crafted message, aka "Horizontal Privilege Escalation Vulnerability." | 8.8 |
| 2017-08-28 | CVE-2015-8300 | Permission Issues vulnerability in Polycom Btoe Connector 2.3.0 Polycom BToE Connector before 3.0.0 uses weak permissions (Everyone: Full Control) for "Program Files (x86)\polycom\polycom btoe connector\plcmbtoesrv.exe," which allows local users to gain privileges via a Trojan horse file. | 7.8 |
| 2017-08-28 | CVE-2017-6594 | Improper Certificate Validation vulnerability in multiple products The transit path validation code in Heimdal before 7.3 might allow attackers to bypass the capath policy protection mechanism by leveraging failure to add the previous hop realm to the transit path of issued tickets. | 7.5 |
| 2017-08-28 | CVE-2017-13712 | NULL Pointer Dereference vulnerability in Lame Project Lame 3.99.5 NULL Pointer Dereference in the id3v2AddAudioDuration function in libmp3lame/id3tag.c in LAME 3.99.5 allows attackers to perform Denial of Service by triggering a NULL first argument. | 7.5 |
| 2017-08-28 | CVE-2017-12840 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Deslock Deslock+ 4.8.16 A kernel driver, namely DLMFENC.sys, bundled with the DESLock+ client application 4.8.16 and earlier contains a locally exploitable heap based buffer overflow in the handling of an IOCTL message of type 0x0FA4204. | 7.8 |
| 2017-08-28 | CVE-2015-1600 | Information Exposure vulnerability in Netatmo Indoor Module Firmware 100 Information disclosure vulnerability in Netatmo Indoor Module firmware 100 and earlier. | 7.5 |