Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-08-01 | CVE-2017-11133 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Stashcat Heinekingmedia 0.0.80W/0.0.86W/1.7.5 An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. | 7.5 |
2017-08-01 | CVE-2017-11132 | Improper Certificate Validation vulnerability in Heinekingmedia Stashcat An issue was discovered in heinekingmedia StashCat before 1.5.18 for Android. | 7.5 |
2017-08-01 | CVE-2017-11130 | Insufficient Verification of Data Authenticity vulnerability in Stashcat Heinekingmedia 0.0.80W/0.0.86W/1.7.5 An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. | 8.1 |
2017-08-01 | CVE-2017-12067 | Out-of-bounds Read vulnerability in Potrace Project Potrace 1.14 Potrace 1.14 has a heap-based buffer over-read in the interpolate_cubic function in mkbitmap.c. | 7.5 |
2017-08-01 | CVE-2017-12064 | Improper Encoding or Escaping of Output vulnerability in Open-Emr Openemr 5.0.0 The csv_log_html function in library/edihistory/edih_csv_inc.php in OpenEMR 5.0.0 and prior allows attackers to bypass intended access restrictions via a crafted name. | 7.5 |
2017-07-31 | CVE-2017-11726 | Cross-Site Request Forgery (CSRF) vulnerability in Connectwise Manage 2017.5 services/system_io/actionprocessor/System.rails in ConnectWise Manage 2017.5 is vulnerable to Cross-Site Request Forgery (CSRF), as demonstrated by changing an e-mail address setting. | 8.8 |
2017-07-31 | CVE-2017-11648 | Cross-Site Request Forgery (CSRF) vulnerability in Techroutes TR 1803-3G Firmware 2.4.25 Techroutes TR 1803-3G Wireless Cellular Router/Modem 2.4.25 devices do not possess any protection against a CSRF vulnerability, as demonstrated by a goform/BasicSettings request to disable port filtering. | 8.8 |
2017-07-31 | CVE-2017-1460 | Improper Input Validation vulnerability in IBM I IBM i OSPF 6.1, 7.1, 7.2, and 7.3 is vulnerable when a rogue router spoofs its origin. | 7.5 |
2017-07-31 | CVE-2017-1227 | Allocation of Resources Without Limits or Throttling vulnerability in IBM Bigfix Platform 9.1/9.2/9.5 IBM Tivoli Endpoint Manager could allow a unauthorized user to consume all resources and crash the system. | 7.5 |
2017-07-31 | CVE-2016-9716 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Infosphere Master Data Management Server IBM InfoSphere Master Data Management Server 11.0, 11.3, 11.4, 11.5, and 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |