|
254751
|
7.8 |
HIGH
Local
|
xnview
|
xnview
|
XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .jb2 file, related to a "User Mode Write AV starting at ntdll_77400000!Rt…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14270
|
2024-11-21 12:12 |
2017-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254752
|
7.8 |
HIGH
Local
|
jungo
|
windriver
|
This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system i…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14153
|
2024-11-21 12:12 |
2017-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254753
|
7.8 |
HIGH
Local
|
jungo
|
windriver
|
This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system i…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-14075
|
2024-11-21 12:12 |
2017-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254754
|
9.8 |
CRITICAL
Network
|
ee
|
4gee_wifi_mbb_firmware
|
EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices allow remote attackers to obtain sensitive information via a JSONP endpoint, as demonstrated by passwords and SMS content.
|
CWE-200
Information Exposure
|
CVE-2017-14269
|
2024-11-21 12:12 |
2017-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254755
|
6.1 |
MEDIUM
Network
|
ee
|
4gee_wifi_mbb_firmware
|
EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices have XSS in the sms_content parameter in a getSMSlist request.
|
CWE-79
Cross-site Scripting
|
CVE-2017-14268
|
2024-11-21 12:12 |
2017-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254756
|
8.8 |
HIGH
Network
|
ee
|
4gee_wifi_mbb_firmware
|
EE 4GEE WiFi MBB (before EE60_00_05.00_31) devices have CSRF, related to goform/AddNewProfile, goform/setWanDisconnect, goform/setSMSAutoRedirectSetting, goform/setReset, and goform/uploadBackupSetti…
|
CWE-352
Origin Validation Error
|
CVE-2017-14267
|
2024-11-21 12:12 |
2017-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254757
|
9.8 |
CRITICAL
Network
|
libraw
|
libraw
|
A Stack-based Buffer Overflow was discovered in xtrans_interpolate in internal/dcraw_common.cpp in LibRaw before 0.18.3. It could allow a remote denial of service or code execution attack.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14265
|
2024-11-21 12:12 |
2017-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254758
|
8.1 |
HIGH
Network
|
samsung
|
srn_1670d_firmware
srn_1000_firmware
srn_472s_firmware
srn_470d_firmware
|
On Samsung NVR devices, remote attackers can read the MD5 password hash of the 'admin' account via certain szUserName JSON data to cgi-bin/main-cgi, and login to the device with that hash in the szUs…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2017-14262
|
2024-11-21 12:12 |
2017-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254759
|
7.8 |
HIGH
Local
|
bento4
|
bento4
|
In the SDK in Bento4 1.5.0-616, the AP4_StszAtom class in Ap4StszAtom.cpp file contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14261
|
2024-11-21 12:12 |
2017-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254760
|
7.8 |
HIGH
Local
|
axiosys
|
bento4
|
In the SDK in Bento4 1.5.0-616, the AP4_StssAtom class in Ap4StssAtom.cpp contains a Write Memory Access Violation vulnerability. It is possible to exploit this vulnerability and possibly execute arb…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14260
|
2024-11-21 12:12 |
2017-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
