Skip to main content
CVE-2017-2207 HIGH This Week

Untrusted search path vulnerability in the installer of SaAT Personal ver.1.0.10.272 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Personal
NVD
CVSS 3.0
8.8
EPSS
1.5%
CVE-2017-2206 HIGH This Week

Untrusted search path vulnerability in the installer of SaAT Netizen ver.1.2.10.510 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Netizen
NVD
CVSS 3.0
8.8
EPSS
1.5%
CVE-2016-7803 HIGH This Week

SQL injection vulnerability in the Cybozu Garoon 3.0.0 to 4.2.2 allows remote authenticated attackers to execute arbitrary SQL commands via "MultiReport" function. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Garoon
NVD
CVSS 3.0
8.8
EPSS
1.2%
CVE-2017-2177 HIGH This Week

Untrusted search path vulnerability in Installer of Shogyo Touki Denshi Ninsho Software Ver 1.7 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Touki Denshi
NVD
CVSS 3.0
8.8
EPSS
0.9%
CVE-2017-2179 HIGH This Week

Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allows remote code execution via unspecified vectors, a different vulnerability than CVE-2017-2181 and. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Appgoat
NVD
CVSS 3.0
8.8
EPSS
0.9%
CVE-2017-2195 HIGH This Week

SQL injection vulnerability in the Multi Feed Reader prior to version 2.2.4 allows authenticated attackers to execute arbitrary SQL commands via unspecified vectors. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Multi Feed Reader
NVD
CVSS 3.0
8.8
EPSS
0.8%
CVE-2017-2178 HIGH This Week

Untrusted search path vulnerability in Installer of electronic tendering and bid opening system available prior to May 25, 2017 allows an attacker to gain privileges via a Trojan horse DLL in an. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Electronic Tendering And Bid Opening System
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2016-7824 HIGH This Week

Buffalo NC01WH devices with firmware version 1.0.0.8 and earlier allows authenticated attackers to bypass access restriction to enable the debug option via unspecified vectors. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Wnc01Wh Firmware
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2017-2182 HIGH This Week

Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allow remote attackers to obtain local files via unspecified vectors, a different vulnerability than. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Appgoat
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2017-2181 HIGH This Week

Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.2 and earlier allow remote attackers to obtain local files via unspecified vectors, a different vulnerability than. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Appgoat
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2016-7830 HIGH This Week

Sony PCS-XG100, PCS-XG100S, PCS-XG100C, PCS-XG77, PCS-XG77S, PCS-XG77C devices with firmware versions prior to Ver.1.51 and PCS-XC1 devices with firmware version prior to Ver.1.22 allow an attacker. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Pcs Xg100 Firmware Pcs Xg77 Firmware Pcs Xc1 Firmware
NVD
CVSS 3.0
8.8
EPSS
0.5%
CVE-2016-4907 HIGH This Week

Cybozu Garoon 3.0.0 to 4.2.2 allow remote attackers to obtain CSRF tokens via unspecified vectors. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Garoon
NVD
CVSS 3.0
8.8
EPSS
0.3%
CVE-2016-7809 HIGH This Week

Cross-site request forgery (CSRF) vulnerability in Corega CG-WLR300NX firmware Ver. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Cg Wlr300Nx Firmware
NVD
CVSS 3.0
8.8
EPSS
0.2%
CVE-2016-7822 HIGH This Week

Cross-site request forgery (CSRF) vulnerability in Buffalo WNC01WH devices with firmware version 1.0.0.8 and earlier allows remote attackers to hijack the authentication of a logged in user to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Wnc01Wh Firmware
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2016-7811 HIGH This Week

Corega CG-WLR300NX firmware Ver. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Cg Wlr300Nx Firmware
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2017-2214 HIGH This Week

Untrusted search path vulnerability in AppCheck and AppCheck Pro prior to version 2.0.1.15 allows an attacker to execute arbitrary code via a specially crafted executable file in an unspecified. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Appcheck Appcheck Pro
NVD
CVSS 3.0
8.4
EPSS
0.3%
CVE-2016-4902 HIGH This Week

Untrusted search path vulnerability in The Public Certification Service for Individuals "The JPKI user's software (for Windows 7 and later)" Ver3.0.1 and earlier, The Public Certification Service for. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure The Public Certification Service For Individuals The Public Certification Service For Individuals For Windows 7 The Public Certification Service For Individuals For Windows Vista
NVD
CVSS 3.0
7.8
EPSS
1.0%
CVE-2016-7838 HIGH PATCH This Week

Untrusted search path vulnerability in WinSparkle versions prior to 0.5.3 allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Winsparkle
NVD GitHub
CVSS 3.0
7.8
EPSS
0.7%
CVE-2016-7837 HIGH PATCH This Week

Buffer overflow in BlueZ 5.41 and earlier allows an attacker to execute arbitrary code via the parse_line function used in some userland utilities. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow RCE Bluez
NVD
CVSS 3.0
7.8
EPSS
0.5%
CVE-2017-2176 HIGH This Week

Untrusted search path vulnerability in screensaver installers (jasdf_01.exe, jasdf_02.exe, jasdf_03.exe, jasdf_04.exe, jasdf_05.exe, scramble_setup.exe, clock_01_setup.exe, clock_02_setup.exe). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Screensavers
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-2193 HIGH This Week

Untrusted search path vulnerability in the installer of Tera Term 4.94 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Tera Term
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2017-2209 HIGH PATCH This Week

Untrusted search path vulnerability in the installer of Houkokusyo Sakusei Shien Tool ver3.0.2 (For the first installation) (The version which was available on the website from 2017 April 4 to 2017. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Information Disclosure Installer Of Houkokusyo Sakusei Shien Tool
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2016-7818 HIGH PATCH This Week

Untrusted search path vulnerability in Installers for Specification check program (social insurance) Ver. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Privilege Escalation Device Data Encryption Program Specification Check Program Todokesho Creation Program Todokesho Print Program
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-2192 HIGH This Week

Untrusted search path vulnerability in RW-5100 tool to verify execution environment for Windows 7 version 1.1.0.0 and RW-5100 tool to verify execution environment for Windows 8.1 version 1.2.0.0. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Rw 5100
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-2190 HIGH This Week

Untrusted search path vulnerability in RW-4040 tool to verify execution environment for Windows 7 version 1.2.0.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Rw 4040
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-2210 HIGH This Week

Untrusted search path vulnerability in PatchJGD (PatchJGD101.EXE) ver. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Patchjgd
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-2189 HIGH This Week

Untrusted search path vulnerability in RW-4040 driver installer for Windows 7 version 2.27 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Rw 4040
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2017-2219 HIGH This Week

Untrusted search path vulnerability in the [Simeji for Windows] installer (simeji.exe) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Simeji
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-2213 HIGH This Week

Untrusted search path vulnerability in SemiDynaEXE (SemiDynaEXE2008.EXE) ver. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Semidynaexe
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-2212 HIGH This Week

Untrusted search path vulnerability in TKY2JGD (TKY2JGD1379.EXE) ver. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Tky2Jgd
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-2211 HIGH This Week

Untrusted search path vulnerability in PatchJGD (Hyoko) (PatchJGDh101.EXE) ver. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Patchjgd
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2017-2191 HIGH This Week

Untrusted search path vulnerability in RW-5100 driver installer for Windows 7 version 1.0.0.9 and RW-5100 driver installer for Windows 8.1 version 1.0.1.0 allows an attacker to gain privileges via a. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Rw 5100 Driver Installer For Windows 7 Rw 5100 Driver Installer For Windows 8 1
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-7814 HIGH This Week

I-O DATA DEVICE TS-WRLP firmware version 1.00.01 and earlier and TS-WRLA firmware version 1.00.01 and earlier allow remote attackers to obtain authentication credentials via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ts Wrlp Firmware Ts Wrla Firmware
NVD
CVSS 3.0
7.5
EPSS
1.5%
CVE-2017-0375 HIGH PATCH This Week

The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the relay_send_end_cell_from_edge_ function via a malformed BEGIN cell. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Tor
NVD GitHub
CVSS 3.0
7.5
EPSS
1.4%
CVE-2016-7833 HIGH This Week

Cybozu Dezie 8.0.0 to 8.1.1 allows remote attackers to bypass access restrictions to delete an arbitrary DBM (Cybozu Dezie proprietary format) file via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Dezie
NVD
CVSS 3.0
7.5
EPSS
0.9%
CVE-2017-0376 HIGH PATCH This Week

The hidden-service feature in Tor before 0.3.0.8 allows a denial of service (assertion failure and daemon exit) in the connection_edge_process_relay_cell function via a BEGIN_DIR cell on a rendezvous. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Tor Debian Linux
NVD GitHub
CVSS 3.0
7.5
EPSS
0.8%
CVE-2016-7807 HIGH PATCH This Week

I-O DATA DEVICE WFS-SR01 firmware version 1.10 and earlier allow remote attackers to bypass access restriction to access data on storage devices inserted into the product via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Wfs Sr01 Firmware
NVD
CVSS 3.0
7.5
EPSS
0.8%
CVE-2016-7820 HIGH This Week

Buffer overflow in I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WRLA firmware version 1.01.02 and earlier allows an attacker with administrator rights to cause a. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow RCE Ts Wrlp Firmware Ts Wrla Firmware
NVD
CVSS 3.0
7.2
EPSS
1.1%
CVE-2016-7819 HIGH This Week

I-O DATA DEVICE TS-WRLP firmware version 1.01.02 and earlier and TS-WRLA firmware version 1.01.02 and earlier allows an attacker with administrator rights to execute arbitrary OS commands via. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Ts Wrlp Firmware Ts Wrla Firmware
NVD
CVSS 3.0
7.2
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy