Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-07 | CVE-2017-2226 | Untrusted Search Path vulnerability in NTA E-Tax 1.17.1 Untrusted search path vulnerability in Setup file of advance preparation for e-Tax software (WEB version) (1.17.1) and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-07-07 | CVE-2017-2223 | Cross-Site Request Forgery (CSRF) vulnerability in Iodata products Cross-site request forgery (CSRF) vulnerability in TS-WPTCAM, TS-PTCAM, TS-PTCAM/POE, TS-WLC2, TS-WLCE, TS-WRLC firmware version 1.19 and earlier and TS-WPTCAM2 firmware version 1.01 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
| 2017-07-07 | CVE-2017-2220 | Untrusted Search Path vulnerability in IPA Casl II Simulator Untrusted search path vulnerability in Installer of CASL II simulator (self-extract format) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-07-07 | CVE-2017-2218 | Untrusted Search Path vulnerability in Apple Quicktime Untrusted search path vulnerability in Installer of QuickTime for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-07-07 | CVE-2017-2215 | Untrusted Search Path vulnerability in E-Tax.Nta E-Tax Untrusted search path vulnerability in Installer of "Setup file of advance preparation" (jizen_setup.exe) (The version which was available on the website prior to 2017 June 12) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-07-07 | CVE-2017-2208 | Untrusted Search Path vulnerability in Acquisition Technology and Logistics Agency Installer of Electronic Tendering 06112017 Untrusted search path vulnerability in Installer of Electronic tendering and bid opening system available prior to June 12, 2017 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified directory. | 7.8 |
| 2017-07-07 | CVE-2017-2188 | Untrusted Search Path vulnerability in Maff Denshinouhin Check System 8.0.001.001/9.0.001.001 Untrusted search path vulnerability in Installer of Denshinouhin Check System (for Ministry of Agriculture, Forestry and Fisheries Nouson Seibi Jigyou) 2014 March Edition (Ver.9.0.001.001) [Updated on 2017 June 9], (Ver.8.0.001.001) [Updated on 2016 May 31] and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-07-07 | CVE-2017-2186 | Improper Authentication vulnerability in Kddi Home Spot Cube 2 Firmware V100/V101 HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to bypass authentication to load malicious firmware via WebUI. | 8.8 |
| 2017-07-07 | CVE-2017-2185 | OS Command Injection vulnerability in Kddi Home Spot Cube 2 Firmware V100/V101 HOME SPOT CUBE2 firmware V101 and earlier allows authenticated attackers to execute arbitrary OS commands via WebUI. | 8.8 |
| 2017-07-07 | CVE-2017-2184 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Kddi Home Spot Cube 2 Firmware V100/V101 Buffer overflow in HOME SPOT CUBE2 firmware V101 and earlier allows an attacker to execute arbitrary code via WebUI. | 8.8 |