Security Vulnerabilities - CVEs Published In July 2017
Open redirect vulnerability in WordPress Download Manager prior to version 2.9.51 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.004
Published
2017-07-07
Untrusted search path vulnerability in Installer of QuickTime for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVSS Score
7.8
EPSS Score
0.002
Published
2017-07-07
Untrusted search path vulnerability in Installer of CASL II simulator (self-extract format) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVSS Score
7.8
EPSS Score
0.002
Published
2017-07-07
Cross-site scripting vulnerability in WP-Members prior to version 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-07-07
Cross-site request forgery (CSRF) vulnerability in TS-WPTCAM, TS-PTCAM, TS-PTCAM/POE, TS-WLC2, TS-WLCE, TS-WRLC firmware version 1.19 and earlier and TS-WPTCAM2 firmware version 1.01 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.
CVSS Score
8.8
EPSS Score
0.001
Published
2017-07-07
Cross-site scripting vulnerability in Event Calendar WD prior to version 1.0.94 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS Score
6.1
EPSS Score
0.004
Published
2017-07-07
Untrusted search path vulnerability in EbidSettingChecker.exe (version 1.0.0.0) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVSS Score
9.8
EPSS Score
0.006
Published
2017-07-07
Untrusted search path vulnerability in Setup file of advance preparation for e-Tax software (WEB version) (1.17.1) and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVSS Score
7.8
EPSS Score
0.002
Published
2017-07-07
Untrusted search path vulnerability in The installer of Charamin OMP Version 1.1.7.4 and earlier, Version 1.2.0.0 Beta and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
CVSS Score
7.8
EPSS Score
0.002
Published
2017-07-07
The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact.
CVSS Score
9.8
EPSS Score
0.113
Published
2017-07-07