|
255151
|
5.9 |
MEDIUM
Network
|
bouncycastle
|
legion-of-the-bouncy-castle-java-crytography-api
|
BouncyCastle TLS prior to version 1.0.3, when configured to use the JCE (Java Cryptography Extension) for cryptographic functions, provides a weak Bleichenbacher oracle when any TLS cipher suite usin…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2017-13098
|
2024-11-21 12:10 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255152
|
7.8 |
HIGH
Local
|
qnap
|
qsync
|
A DLL Hijacking vulnerability in QNAP Qsync for Windows (exe) version 4.2.2.0724 and earlier could allow remote attackers to execute arbitrary code on Windows machines.
|
CWE-426
Untrusted Search Path
|
CVE-2017-13070
|
2024-11-21 12:10 |
2017-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255153
|
7.8 |
HIGH
Local
|
kaspersky
|
embedded_systems_security
|
Kernel pool memory corruption in one of drivers in Kaspersky Embedded Systems Security version 1.2.0.300 leads to local privilege escalation.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12823
|
2024-11-21 12:10 |
2017-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255154
|
9.8 |
CRITICAL
Network
|
qnap
|
video_station
|
QNAP has already patched this vulnerability. This security concern allows a remote attacker to run arbitrary commands on the QNAP Video Station 5.1.3 (for QTS 4.3.3), 5.2.0 (for QTS 4.3.4), and earli…
|
CWE-77
Command Injection
|
CVE-2017-13071
|
2024-11-21 12:10 |
2017-11-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255155
|
9.8 |
CRITICAL
Network
|
siemens
|
sm-2556_firmware
|
An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected …
|
CWE-1188
Insecure Default Initialization of Resource
|
CVE-2017-12739
|
2024-11-21 12:10 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255156
|
6.1 |
MEDIUM
Network
|
siemens
|
sm-2556_firmware
|
An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected …
|
CWE-79
Cross-site Scripting
|
CVE-2017-12738
|
2024-11-21 12:10 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255157
|
5.3 |
MEDIUM
Network
|
siemens
|
sm-2556_firmware
|
An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The integrated web server (port 80/tcp) of the affected …
|
CWE-200
Information Exposure
|
CVE-2017-12737
|
2024-11-21 12:10 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255158
|
8.8 |
HIGH
Network
|
avaya
|
ip_office_contact_center
|
Buffer overflow in the ViewerCtrlLib.ViewerCtrl ActiveX control in Avaya IP Office Contact Center before 10.1.1 allows remote attackers to cause a denial of service (heap corruption and crash) or exe…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12969
|
2024-11-21 12:10 |
2017-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255159
|
6.5 |
MEDIUM
Network
|
matroska
|
mkclean
|
The Node_ValidatePtr function in corec/corec/node/node.c in mkclean 0.8.9 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-12803
|
2024-11-21 12:10 |
2017-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255160
|
6.5 |
MEDIUM
Network
|
matroska
|
libebml2
mkclean
mkvalidator
|
The EBML_IntegerValue function in ebmlnumber.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted mkv file.
|
CWE-20
Improper Input Validation
|
CVE-2017-12802
|
2024-11-21 12:10 |
2017-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
