Security Vulnerabilities, CVEs, Published In October 2017 (File inclusion)
The embedded web server on ABB Fox515T 1.0 devices is vulnerable to Local File Inclusion. It accepts a parameter that specifies a file for display or for use as a template. The filename is not validated; an attacker could retrieve any file.
Max CVSS
6.5
EPSS Score
0.08%
Published
2017-10-18
Updated
2023-05-16
Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10863.
Max CVSS
9.3
EPSS Score
0.06%
Published
2017-10-12
Updated
2017-10-20
Untrusted search path vulnerability in Installer of HIBUN Confidential File Viewer prior to 11.20.0001 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
Max CVSS
9.3
EPSS Score
0.06%
Published
2017-10-12
Updated
2017-10-20
Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note this is a separate vulnerability from CVE-2017-10865.
Max CVSS
9.3
EPSS Score
0.06%
Published
2017-10-12
Updated
2017-10-20
The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions.
Max CVSS
9.3
EPSS Score
0.05%
Published
2017-10-26
Updated
2019-11-18
5 vulnerabilities found