|
255011
|
8.8 |
HIGH
Network
|
asus
|
dsl-n10s_firmware
|
ASUS DSL-N10S V2.1.16_APAC devices allow CSRF.
|
CWE-352
Origin Validation Error
|
CVE-2017-12593
|
2024-11-21 12:09 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255012
|
8.8 |
HIGH
Network
|
asus
|
dsl-n10s_firmware
|
ASUS DSL-N10S V2.1.16_APAC devices have a privilege escalation vulnerability. A normal user can escalate its privilege and perform administrative actions. There is no mapping of users with their priv…
|
NVD-CWE-noinfo
|
CVE-2017-12592
|
2024-11-21 12:09 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255013
|
5.4 |
MEDIUM
Network
|
asus
|
dsl-n10s_firmware
|
ASUS DSL-N10S V2.1.16_APAC devices have reflected and stored cross site scripting, as demonstrated by the snmpSysName parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2017-12591
|
2024-11-21 12:09 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255014
|
8.8 |
HIGH
Network
|
tomaxcom
|
r60g_firmware
r60gv2_firmware
|
ToMAX R60G R60GV2-V2.0-v.2.6.3-170330 devices do not have any protection against a CSRF attack.
|
CWE-352
Origin Validation Error
|
CVE-2017-12589
|
2024-11-21 12:09 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255015
|
8.8 |
HIGH
Network
|
netapp
|
clustered_data_ontap
|
Heap-based buffer overflow in the SMB implementation in NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allows remote authenticated users to cause a denial of service or execute arbitrar…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12420
|
2024-11-21 12:09 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255016
|
9.8 |
CRITICAL
Network
|
qnap
|
ts-212p_firmware
|
Unprivileged user can access all functions in the Surveillance Station component in QNAP TS212P devices with firmware 4.2.1 build 20160601. Unprivileged user cannot login at front end but with that u…
|
CWE-862
Missing Authorization
|
CVE-2017-12582
|
2024-11-21 12:09 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255017
|
7.5 |
HIGH
Network
|
openstack
|
openstack
|
Aodh as packaged in Openstack Ocata and Newton before change-ID I8fd11a7f9fe3c0ea5f9843a89686ac06713b7851 and before Pike-rc1 does not verify that trust IDs belong to the user when creating alarm act…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2017-12440
|
2024-11-21 12:09 |
2017-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255018
|
6.5 |
MEDIUM
Network
|
minidjvu_project
|
minidjvu
|
The JB2BitmapCoder::code_row_by_refinement function in jb2/bmpcoder.cpp in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-12445
|
2024-11-21 12:09 |
2017-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255019
|
6.5 |
MEDIUM
Network
|
minidjvu_project
|
minidjvu
|
The mdjvu_bitmap_get_bounding_box function in base/4bitmap.c in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-12444
|
2024-11-21 12:09 |
2017-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255020
|
6.5 |
MEDIUM
Network
|
minidjvu_project
|
minidjvu
|
The mdjvu_bitmap_pack_row function in base/4bitmap.c in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-12443
|
2024-11-21 12:09 |
2017-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
