|
252501
|
7.5 |
HIGH
Network
|
watchdogdevelopment
|
anti-malware
online_security_pro
|
In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioc…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-15921
|
2024-11-21 12:15 |
2017-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252502
|
7.5 |
HIGH
Network
|
watchdogdevelopment
|
anti-malware
online_security_pro
|
In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioc…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-15920
|
2024-11-21 12:15 |
2017-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252503
|
7.2 |
HIGH
Network
|
eyesofnetwork
|
eyesofnetwork
|
SQL injection vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the graph parameter to module/capaci…
|
CWE-89
SQL Injection
|
CVE-2017-16000
|
2024-11-21 12:15 |
2017-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252504
|
9.8 |
CRITICAL
Network
|
nq
|
contacts_backup_\&_restore
|
In the "NQ Contacts Backup & Restore" application 1.1 for Android, no HTTPS is used for transmitting login and synced user data. When logging in, the username is transmitted in cleartext along with a…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2017-15999
|
2024-11-21 12:15 |
2017-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252505
|
7.5 |
HIGH
Network
|
nq
|
contacts_backup_\&_restore
|
In the "NQ Contacts Backup & Restore" application 1.1 for Android, DES encryption with a static key is used to secure transmitted contact data. This makes it easier for remote attackers to obtain cle…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2017-15998
|
2024-11-21 12:15 |
2017-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252506
|
7.8 |
HIGH
Local
|
nq
|
contacts_backup_\&_restore
|
In the "NQ Contacts Backup & Restore" application 1.1 for Android, RC4 encryption is used to secure the user password locally stored in shared preferences. Because there is a static RC4 key, an attac…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2017-15997
|
2024-11-21 12:15 |
2017-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252507
|
7.8 |
HIGH
Local
|
gnu
|
binutils
|
elfcomm.c in readelf in GNU Binutils 2.29 allows remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that trig…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15996
|
2024-11-21 12:15 |
2017-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252508
|
9.8 |
CRITICAL
Network
|
samba
|
rsync
|
rsync 3.1.3-development before 2017-10-24 mishandles archaic checksums, which makes it easier for remote attackers to bypass intended access restrictions. NOTE: the rsync development branch has signi…
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2017-15994
|
2024-11-21 12:15 |
2017-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252509
|
9.8 |
CRITICAL
Network
|
zeescripts
|
zeebuddy
|
ZeeBuddy 2x allows SQL Injection via the admin/editadgroup.php groupid parameter, a different vulnerability than CVE-2008-3604.
|
CWE-89
SQL Injection
|
CVE-2017-15976
|
2024-11-21 12:15 |
2017-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252510
|
9.8 |
CRITICAL
Network
|
vastal
|
dating_zone
|
Vastal I-Tech Dating Zone 0.9.9 allows SQL Injection via the 'product_id' to add_to_cart.php, a different vulnerability than CVE-2008-4461.
|
CWE-89
SQL Injection
|
CVE-2017-15975
|
2024-11-21 12:15 |
2017-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
