|
248921
|
6.1 |
MEDIUM
Network
|
buffalo
|
wmr-433_firmware
wmr-433w_firmware
|
Cross-site scripting vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vect…
|
CWE-79
Cross-site Scripting
|
CVE-2017-2274
|
2024-11-21 12:23 |
2017-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248922
|
8.8 |
HIGH
Network
|
buffalo
|
wmr-433_firmware
wmr-433w_firmware
|
Cross-site request forgery (CSRF) vulnerability in WMR-433 firmware Ver.1.02 and earlier, WMR-433W firmware Ver.1.40 and earlier allows remote attackers to hijack the authentication of administrators…
|
CWE-352
Origin Validation Error
|
CVE-2017-2273
|
2024-11-21 12:23 |
2017-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248923
|
6.5 |
MEDIUM
Network
|
apple
|
iphone_os
|
An issue was discovered in certain Apple products. iOS before 10.3.3 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar via a crafted web site.
|
CWE-20
Improper Input Validation
|
CVE-2017-2517
|
2024-11-21 12:23 |
2017-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248924
|
6.5 |
MEDIUM
Network
|
moodle
|
moodle
|
Moodle 3.x has user fullname disclosure on the user preferences page.
|
CWE-200
Information Exposure
|
CVE-2017-2642
|
2024-11-21 12:23 |
2017-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248925
|
8.8 |
HIGH
Network
|
juniper
|
junos
|
A command injection vulnerability in the IDP feature of Juniper Networks Junos OS on SRX series devices potentially allows a user with login access to the device to execute shell commands and elevate…
|
CWE-77
Command Injection
|
CVE-2017-2349
|
2024-11-21 12:23 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248926
|
7.5 |
HIGH
Network
|
juniper
|
junos
|
The Juniper Enhanced jdhcpd daemon may experience high CPU utilization, or crash and restart upon receipt of an invalid IPv6 UDP packet. Both high CPU utilization and repeated crashes of the jdhcpd d…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-2348
|
2024-11-21 12:23 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248927
|
7.5 |
HIGH
Network
|
juniper
|
junos
|
A denial of service vulnerability in rpd daemon of Juniper Networks Junos OS allows a malformed MPLS ping packet to crash the rpd daemon if MPLS OAM is configured. Repeated crashes of the rpd daemon …
|
CWE-20
Improper Input Validation
|
CVE-2017-2347
|
2024-11-21 12:23 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248928
|
5.9 |
MEDIUM
Network
|
juniper
|
junos
|
An MS-MPC or MS-MIC Service PIC may crash when large fragmented packets are passed through an Application Layer Gateway (ALG). Repeated crashes of the Service PC can result in an extended denial of s…
|
NVD-CWE-noinfo
|
CVE-2017-2346
|
2024-11-21 12:23 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248929
|
9.8 |
CRITICAL
Network
|
juniper
|
junos
|
On Junos OS devices with SNMP enabled, a network based attacker with unfiltered access to the RE can cause the Junos OS snmpd daemon to crash and restart by sending a crafted SNMP packet. Repeated cr…
|
CWE-20
Improper Input Validation
|
CVE-2017-2345
|
2024-11-21 12:23 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248930
|
7.8 |
HIGH
Local
|
hibara
|
attachecase
|
Untrusted search path vulnerability in Self-extracting encrypted files created by AttacheCase ver.3.2.2.6 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified di…
|
CWE-426
Untrusted Search Path
|
CVE-2017-2272
|
2024-11-21 12:23 |
2017-07-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
