Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-06-15 CVE-2017-9675 Improper Input Validation vulnerability in D-Link DIR-605L Firmware 2.08B01
On D-Link DIR-605L devices, firmware before 2.08UIBetaB01.bin allows an unauthenticated GET request to trigger a reboot.
network
low complexity
dlink CWE-20
7.5
2017-06-15 CVE-2017-9673 Cross-Site Request Forgery (CSRF) vulnerability in SimpleCE 2.3.0
In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add an administrator account (via the index.php/user/new URI) or change its settings (via the index.php/user/1 URI), including its password.
network
low complexity
simplece CWE-352
8.8
2017-06-15 CVE-2016-10395 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Flexera Software FlexNet Publisher 11.10/11.13.1.0/11.14.1
In FlexNet Publisher versions before Luton SP1 (11.14.1.1) running FlexNet Publisher Licensing Service on Windows platform, a boundary error related to a named pipe within the FlexNet Publisher Licensing Service can be exploited to cause an out-of-bounds memory read access and subsequently execute arbitrary code with SYSTEM privileges.
local
low complexity
flexerasoftware CWE-119
7.8
2017-06-15 CVE-2015-7732 Information Exposure vulnerability in Avira Mobile Security 1.5.7
The Avira Mobile Security app before 1.5.11 for iOS sends sensitive login information in cleartext.
network
low complexity
avira CWE-200
7.5
2017-06-15 CVE-2017-9670 Access of Uninitialized Pointer vulnerability in Gnuplot Project Gnuplot 5.2
An uninitialized stack variable vulnerability in load_tic_series() in set.c in gnuplot 5.2.rc1 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact when a victim opens a specially crafted file.
local
low complexity
gnuplot-project CWE-824
7.8
2017-06-15 CVE-2017-1379 Information Exposure vulnerability in IBM API Connect
IBM API Connect 5.0.0.0 could allow a remote attacker to obtain sensitive information, caused by improper handling of requests to the Developer Portal.
network
low complexity
ibm CWE-200
7.5
2017-06-15 CVE-2017-9606 Incorrect Permission Assignment for Critical Resource vulnerability in Infotecs ViPNet Client and ViPNet Coordinator
Infotecs ViPNet Client and Coordinator before 4.3.2-42442 allow local users to gain privileges by placing a Trojan horse ViPNet update file in the update folder.
local
low complexity
infotecs CWE-732
7.3
2017-06-15 CVE-2017-8552 Improper Preservation of Permissions vulnerability in Microsoft Windows 7 and Windows Server 2008
A kernel-mode driver in Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows 8 allows an elevation of privilege when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability".
local
low complexity
microsoft CWE-281
7.8
2017-06-15 CVE-2017-8549 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system when Microsoft Edge improperly handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".
network
high complexity
microsoft CWE-119
7.5
2017-06-15 CVE-2017-8548 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Edge
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to obtain information to further compromise the user's system when Microsoft Edge improperly handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability".
network
high complexity
microsoft CWE-119
7.5