|
249681
|
4.3 |
MEDIUM
Network
|
cybozu
|
office
|
Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to obtain "customapp" information via unspecified vectors.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-2115
|
2024-11-21 12:22 |
2017-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249682
|
5.4 |
MEDIUM
Network
|
cybozu
|
office
|
Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2017-2114
|
2024-11-21 12:22 |
2017-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249683
|
8.8 |
HIGH
Adjacent
|
iodata
|
ts-ptcam\/poe_firmware
ts-ptcam_firmware
ts-wrlc_firmware
ts-wlc2_firmware
ts-wlce_firmware
ts-wptcam2_firmware
ts-wptcam_firmware
|
Buffer overflow in TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 firmware version 1.00, TS-WLCE firmware version 1.18 and earlier, TS-WLC2 firmware version 1.18 and earlier, TS-WRLC firmwar…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-2113
|
2024-11-21 12:22 |
2017-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249684
|
8.8 |
HIGH
Adjacent
|
iodata
|
ts-ptcam\/poe_firmware
ts-ptcam_firmware
ts-wrlc_firmware
ts-wlc2_firmware
ts-wlce_firmware
ts-wptcam2_firmware
ts-wptcam_firmware
|
TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 firmware version 1.00, TS-WLCE firmware version 1.18 and earlier, TS-WLC2 firmware version 1.18 and earlier, TS-WRLC firmware version 1.17 and …
|
CWE-78
OS Command
|
CVE-2017-2112
|
2024-11-21 12:22 |
2017-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249685
|
6.1 |
MEDIUM
Network
|
iodata
|
ts-ptcam\/poe_firmware
ts-ptcam_firmware
ts-wrlc_firmware
ts-wlc2_firmware
ts-wlce_firmware
ts-wptcam2_firmware
ts-wptcam_firmware
|
HTTP header injection vulnerability in TS-WPTCAM firmware version 1.18 and earlier, TS-WPTCAM2 firmware version 1.00, TS-WLCE firmware version 1.18 and earlier, TS-WLC2 firmware version 1.18 and earl…
|
CWE-93
CRLF Injection
|
CVE-2017-2111
|
2024-11-21 12:22 |
2017-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249686
|
5.9 |
MEDIUM
Network
|
nissan_securities
|
access_cx
|
The Access CX App for Android prior to 2.0.0.1 and for iOS prior to 2.0.2 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sen…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-2110
|
2024-11-21 12:22 |
2017-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249687
|
2.5 |
LOW
Local
|
cybozu
|
kunai
|
Cybozu KUNAI for Android 3.0.4 to 3.0.5.1 allow remote attackers to obtain log information through a malicious Android application.
|
CWE-200
Information Exposure
|
CVE-2017-2109
|
2024-11-21 12:22 |
2017-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249688
|
7.8 |
HIGH
Local
|
softbank
|
primedrive_desktop_application
|
Untrusted search path vulnerability in PrimeDrive Desktop Application 1.4.3 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory.
|
CWE-426
Untrusted Search Path
|
CVE-2017-2108
|
2024-11-21 12:22 |
2017-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249689
|
7.8 |
HIGH
Local
|
akky
|
7-zip32.dll
|
Untrusted search path vulnerability in Self-extracting archive files created by 7-ZIP32.DLL 9.22.00.01 and earlier allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified …
|
CWE-426
Untrusted Search Path
|
CVE-2017-2107
|
2024-11-21 12:22 |
2017-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249690
|
6.1 |
MEDIUM
Network
|
webmin
|
webmin
|
Multiple cross-site scripting vulnerabilities in Webmin versions prior to 1.830 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2017-2106
|
2024-11-21 12:22 |
2017-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
