Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-09 | CVE-2017-2178 | Untrusted Search Path vulnerability in Atla Electronic Tendering and BID Opening System Untrusted search path vulnerability in Installer of electronic tendering and bid opening system available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 8.8 |
| 2017-06-09 | CVE-2017-2177 | Untrusted Search Path vulnerability in Shogyo Touki Denshi 1.7 Untrusted search path vulnerability in Installer of Shogyo Touki Denshi Ninsho Software Ver 1.7 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 8.8 |
| 2017-06-09 | CVE-2017-2176 | Untrusted Search Path vulnerability in Jasdf Screensavers Untrusted search path vulnerability in screensaver installers (jasdf_01.exe, jasdf_02.exe, jasdf_03.exe, jasdf_04.exe, jasdf_05.exe, scramble_setup.exe, clock_01_setup.exe, clock_02_setup.exe) available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
| 2017-06-09 | CVE-2016-7838 | Untrusted Search Path vulnerability in Winsparkle Untrusted search path vulnerability in WinSparkle versions prior to 0.5.3 allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory. | 7.8 |
| 2017-06-09 | CVE-2016-7837 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bluez Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the parse_line function used in some userland utilities. | 7.8 |
| 2017-06-09 | CVE-2016-7833 | Improper Access Control vulnerability in Cybozu Dezie Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors. | 7.5 |
| 2017-06-09 | CVE-2016-7830 | Missing Authentication for Critical Function vulnerability in Sony products Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker on the same network segment to bypass authentication to perform administrative operations via unspecified vectors. | 8.8 |
| 2017-06-09 | CVE-2016-7824 | Improper Access Control vulnerability in Buffalotech Wnc01Wh Firmware 1.0.0.8 Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors. | 8.8 |
| 2017-06-09 | CVE-2016-7822 | Cross-Site Request Forgery (CSRF) vulnerability in Buffalotech Wnc01Wh Firmware 1.0.0.8 Cross-site request forgery (CSRF) vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to perform unintended operations via unspecified vectors. | 8.8 |
| 2017-06-09 | CVE-2016-7820 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Iodata Ts-Wrla Firmware and Ts-Wrlp Firmware Buffer overflow in I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WRLA firmware version 1.01.02 and earlier allows an attacker with administrator rights to cause a denial-of-service (DoS) or execute arbitrary code via unspecified vectors. | 7.2 |