Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-06-09 CVE-2016-7819 OS Command Injection vulnerability in Iodata Ts-Wrla Firmware and Ts-Wrlp Firmware
I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WRLA firmware version 1.01.02 and earlier allow an attacker with administrator rights to execute arbitrary OS commands via unspecified vectors.
network
low complexity
iodata CWE-78
7.2
2017-06-09 CVE-2016-7818 Permissions, Privileges, and Access Controls vulnerability in Japan Pension Service products
Untrusted search path vulnerability in Installers for Specification check program (social insurance) Ver.
local
low complexity
japan-pension-service CWE-264
7.8
2017-06-09 CVE-2016-7814 Information Exposure vulnerability in Iodata Ts-Wrla Firmware and Ts-Wrlp Firmware
I-O DATA DEVICE TS-WRLP firmware version 1.00.01 and earlier and TS-WRLA firmware version 1.00.01 and earlier allow remote attackers to obtain authentication credentials via unspecified vectors.
network
low complexity
iodata CWE-200
7.5
2017-06-09 CVE-2016-7811 Improper Access Control vulnerability in Corega Cg-Wlr300Nx Firmware 1.20
Corega CG-WLR300NX firmware Ver.
low complexity
corega CWE-284
8.8
2017-06-09 CVE-2016-7809 Cross-Site Request Forgery (CSRF) vulnerability in Corega Cg-Wlr300Nx Firmware 1.20
Cross-site request forgery (CSRF) vulnerability in Corega CG-WLR300NX firmware Ver.
network
low complexity
corega CWE-352
8.8
2017-06-09 CVE-2016-7807 Improper Access Control vulnerability in Iodata Wfs-Sr01 Firmware 1.10
I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to bypass access restriction to access data on storage devices inserted into the product via unspecified vectors.
network
low complexity
iodata CWE-284
7.5
2017-06-09 CVE-2016-7803 SQL Injection vulnerability in Cybozu Garoon
SQL injection vulnerability in Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to execute arbitrary SQL commands via the "MultiReport" function.
network
low complexity
cybozu CWE-89
8.8
2017-06-09 CVE-2016-4907 Cross-Site Request Forgery (CSRF) vulnerability in Cybozu Garoon
Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors.
network
low complexity
cybozu CWE-352
8.8
2017-06-09 CVE-2016-4902 Untrusted Search Path vulnerability in Jpki products
Untrusted search path vulnerability in The Public Certification Service for Individuals "The JPKI user's software (for Windows 7 and later)" Ver3.0.1 and earlier, The Public Certification Service for Individuals "The JPKI user's software (for Windows Vista)" Ver3.0.1 and earlier and The Public Certification Service for Individuals "The JPKI user's software" Ver2.6 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
local
low complexity
jpki CWE-426
7.8
2017-06-08 CVE-2017-1319 Inadequate Encryption Strength vulnerability in IBM Tivoli Federated Identity Manager 6.2.0/6.2.1/6.2.2
IBM Tivoli Federated Identity Manager 6.2 is affected by a vulnerability due to a missing secure attribute in the encrypted session (SSL) cookie.
network
low complexity
ibm CWE-326
7.5