|
251851
|
5.9 |
MEDIUM
Network
|
sensiolabs
debian
|
symfony
debian_linux
|
An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The current implementation of CSRF protection in Symfony (Version >=2) does not use different token…
|
NVD-CWE-noinfo
|
CVE-2017-16653
|
2024-11-21 12:16 |
2018-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251852
|
8.1 |
HIGH
Network
|
insteon
|
hub_firmware
|
Specially crafted commands sent through the PubNub service in Insteon Hub 2245-222 with firmware version 1012 can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should se…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-16252
|
2024-11-21 12:16 |
2018-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251853
|
6.5 |
MEDIUM
Network
|
sensiolabs
debian
|
symfony
debian_linux
|
An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. When a form is submitted by the user, the request handler classes of the Form component merge POST …
|
CWE-20
Improper Input Validation
|
CVE-2017-16790
|
2024-11-21 12:16 |
2018-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251854
|
7.5 |
HIGH
Network
|
sensiolabs
debian
|
symfony
debian_linux
|
An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The Intl component includes various bundle readers that are used to read resource bundles from the …
|
CWE-22
Path Traversal
|
CVE-2017-16654
|
2024-11-21 12:16 |
2018-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251855
|
8.1 |
HIGH
Network
|
sap
|
business_planning_and_consolidation
|
An exploitable XML external entity vulnerability exists in the reporting functionality of SAP BPC. A specially crafted XML request can cause an XML external entity to be referenced, resulting in info…
|
CWE-611
XXE
|
CVE-2017-16349
|
2024-11-21 12:16 |
2018-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251856
|
9.9 |
CRITICAL
Network
|
insteon
|
hub_firmware
|
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01e7d4 the value for the s_vol key is copied using strcpy to th…
|
CWE-120
Classic Buffer Overflow
|
CVE-2017-16347
|
2024-11-21 12:16 |
2018-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251857
|
9.9 |
CRITICAL
Network
|
insteon
|
hub_firmware
|
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c368 the value for the s_mac key is copied using strcpy to th…
|
CWE-120
Classic Buffer Overflow
|
CVE-2017-16346
|
2024-11-21 12:16 |
2018-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251858
|
9.9 |
CRITICAL
Network
|
insteon
|
hub_firmware
|
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c318 the value for the s_port key is copied using strcpy to t…
|
CWE-120
Classic Buffer Overflow
|
CVE-2017-16345
|
2024-11-21 12:16 |
2018-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251859
|
9.9 |
CRITICAL
Network
|
insteon
|
hub_firmware
|
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c2c8 the value for the s_url key is copied using strcpy to th…
|
CWE-120
Classic Buffer Overflow
|
CVE-2017-16344
|
2024-11-21 12:16 |
2018-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251860
|
9.9 |
CRITICAL
Network
|
insteon
|
hub_firmware
|
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c284 the value for the s_vol_brt_delta key is copied using st…
|
CWE-120
Classic Buffer Overflow
|
CVE-2017-16343
|
2024-11-21 12:16 |
2018-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
