Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-22 | CVE-2017-9149 | Information Exposure vulnerability in Metadata Anonymisation Toolkit Project Metadata Anonymisation Toolkit 0.6/0.6.1 Metadata Anonymisation Toolkit (MAT) 0.6 and 0.6.1 silently fails to perform "Clean metadata" actions upon invocation from the Nautilus contextual menu, which allows context-dependent attackers to obtain sensitive information by reading a file for which cleaning had been attempted. | 7.5 |
| 2017-05-22 | CVE-2017-6891 | Out-of-bounds Write vulnerability in multiple products Two errors in the "asn1_find_node()" function (lib/parser_aux.c) within GnuTLS libtasn1 version 4.10 can be exploited to cause a stacked-based buffer overflow by tricking a user into processing a specially crafted assignments file via the e.g. | 8.8 |
| 2017-05-22 | CVE-2017-9146 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ytnef Project Ytnef The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain memory allocation, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted tnef file. | 8.8 |
| 2017-05-22 | CVE-2017-5657 | Cross-Site Request Forgery (CSRF) vulnerability in Apache Archiva Several REST service endpoints of Apache Archiva are not protected against Cross Site Request Forgery (CSRF) attacks. | 8.0 |
| 2017-05-22 | CVE-2017-2175 | Untrusted Search Path vulnerability in IPA Empirical Project Monitor - Extended Untrusted search path vulnerability in Empirical Project Monitor - eXtended all versions allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-05-22 | CVE-2016-7804 | Untrusted Search Path vulnerability in 7-Zip Untrusted search path vulnerability in 7 Zip for Windows 16.02 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-05-22 | CVE-2016-4904 | Cross-Site Request Forgery (CSRF) vulnerability in Wp-Olivecart Olivecart and Olivecartpro Cross-site request forgery (CSRF) vulnerability in WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows remote attackers to hijack the authentication of a user to perform unintended operations via unspecified vectors. | 8.8 |
| 2017-05-22 | CVE-2016-4901 | Untrusted Search Path vulnerability in National TAX Agency E-Tax Untrusted search path vulnerability in The installer of e-Tax Software all versions allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-05-22 | CVE-2016-4900 | Untrusted Search Path vulnerability in Evernote Untrusted search path vulnerability in Evernote for Windows versions prior to 6.3 allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-05-22 | CVE-2016-4854 | Cross-Site Request Forgery (CSRF) vulnerability in Nttdocomo L-04D Firmware V10A/V10B Cross-site request forgery (CSRF) vulnerability in L-04D firmware version V10a and V10b allows remote attackers to hijack the authentication of administrators to perform arbitrary operations via unspecified vectors. | 8.8 |