|
246921
|
5.9 |
MEDIUM
Network
|
blackberry
|
qnx_software_development_platform
|
In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default configuration of the QNX SDP could allow an attacker being able…
|
CWE-332
Insufficient Entropy in PRNG
|
CVE-2017-9371
|
2024-11-21 12:35 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246922
|
4.9 |
MEDIUM
Network
|
blackberry
|
qnx_software_development_platform
|
In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configuration of the QNX SDP could allow an attacker to g…
|
CWE-200
Information Exposure
|
CVE-2017-9369
|
2024-11-21 12:35 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246923
|
6.1 |
MEDIUM
Network
|
kodak
|
insite
|
Multiple cross-site scripting (XSS) vulnerabilities in Kodak InSite 6.5 to 8.0 allow remote attackers to inject arbitrary web script via the (1) "paramFile" parameter to /Site/Troubleshooting/Diagnos…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9085
|
2024-11-21 12:35 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246924
|
8.8 |
HIGH
Network
|
dahuasecurity
|
nvr5464-16p-4ks2_firmware
nvr5208-8p-4ks2_firmware
nvr5432-16p-4ks2_firmware
nvr5416-16p-4ks2_firmware
nvr5464-4ks2_firmware
nvr5432-4ks2_firmware
nvr5416-4ks2_firmware
nvr5232-1…
|
Authentication vulnerability found in Dahua NVR models NVR50XX, NVR52XX, NVR54XX, NVR58XX with software before DH_NVR5xxx_Eng_P_V2.616.0000.0.R.20171102. Attacker could exploit this vulnerability to …
|
CWE-287
Improper Authentication
|
CVE-2017-9314
|
2024-11-21 12:35 |
2017-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246925
|
8.8 |
HIGH
Network
|
itextpdf
|
itext
|
The XML parsers in iText before 5.5.12 and 7.x before 7.0.3 do not disable external entities, which might allow remote attackers to conduct XML external entity (XXE) attacks via a crafted PDF.
|
CWE-611
XXE
|
CVE-2017-9096
|
2024-11-21 12:35 |
2017-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246926
|
8.8 |
HIGH
Network
|
barco
|
clickshare_csm-1_firmware
clickshare_csc-1_firmware
|
A command injection was identified on Barco ClickShare Base Unit devices with CSM-1 firmware before 1.7.0.3 and CSC-1 firmware before 1.10.0.10. An attacker with access to the product's web API can e…
|
CWE-78
OS Command
|
CVE-2017-9377
|
2024-11-21 12:35 |
2017-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246927
|
7.5 |
HIGH
Network
|
blackberry
|
workspaces_vapp
workspaces_appliance-x
|
An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific f…
|
CWE-200
Information Exposure
|
CVE-2017-9368
|
2024-11-21 12:35 |
2017-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246928
|
9.8 |
CRITICAL
Network
|
blackberry
|
workspaces_vapp
workspaces_appliance-x
|
A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on …
|
CWE-22
Path Traversal
|
CVE-2017-9367
|
2024-11-21 12:35 |
2017-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246929
|
9.8 |
CRITICAL
Network
|
hp
|
operations_orchestration
|
A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely.
|
CWE-20
Improper Input Validation
|
CVE-2017-8994
|
2024-11-21 12:35 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246930
|
5.3 |
MEDIUM
Network
|
microfocus
|
bi-directional_driver
|
The Bi-directional driver in IDM 4.5 before 4.0.3.0 could be susceptible to unauthorized log configuration changes.
|
NVD-CWE-noinfo
|
CVE-2017-9273
|
2024-11-21 12:35 |
2017-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
