Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-07 | CVE-2017-2185 | OS Command Injection vulnerability in Kddi Home Spot Cube 2 Firmware V100/V101 HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via WebUI. | 8.8 |
| 2017-07-07 | CVE-2017-2184 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Kddi Home Spot Cube 2 Firmware V100/V101 Buffer overflow in HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to execute arbitrary code via WebUI. | 8.8 |
| 2017-07-07 | CVE-2017-2183 | OS Command Injection vulnerability in Kddi Home Spot Cube 2 Firmware V100/V101 HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via Clock Settings. | 8.0 |
| 2017-07-07 | CVE-2017-7404 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dir-615 20.12Ptb01 On the D-Link DIR-615 before v20.12PTb04, if a victim logged in to the Router's Web Interface visits a malicious site from another Browser tab, the malicious site then can send requests to the victim's Router without knowing the credentials (CSRF). | 8.8 |
| 2017-07-07 | CVE-2017-10974 | Path Traversal vulnerability in Yaws 1.91 Yaws 1.91 allows Unauthenticated Remote File Disclosure via HTTP Directory Traversal with /%5C../ to port 8080. | 7.5 |
| 2017-07-07 | CVE-2017-4998 | Cross-Site Request Forgery (CSRF) vulnerability in EMC RSA Archer Egrc EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is potentially affected by a cross-site request forgery vulnerability. | 8.8 |
| 2017-07-06 | CVE-2017-6248 | Unspecified vulnerability in Google Android 7.1.2 An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.0 |
| 2017-07-06 | CVE-2017-6247 | Unspecified vulnerability in Google Android 7.1.2 An elevation of privilege vulnerability in the NVIDIA sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. | 7.8 |
| 2017-07-06 | CVE-2017-0711 | Unspecified vulnerability in Google Android 7.1.2 A elevation of privilege vulnerability in the MediaTek networking driver. | 7.8 |
| 2017-07-06 | CVE-2017-0710 | Unspecified vulnerability in Google Android 7.1.2 A elevation of privilege vulnerability in the Upstream Linux tcb. | 7.8 |