|
255971
|
5.9 |
MEDIUM
Network
|
samsung
|
knox_enterprise_mobility_management
knox_identity_access_management
|
In Knox SDS IAM (Identity Access Management) and EMM (Enterprise Mobility Management) 16.11 on Samsung mobile devices, a man-in-the-middle attacker can install any application into the Knox container…
|
CWE-74
Injection
|
CVE-2017-10963
|
2024-11-21 12:06 |
2018-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255972
|
6.5 |
MEDIUM
Network
|
puppet
redhat
|
puppet
puppet_enterprise
satellite
|
In previous versions of Puppet Agent it was possible for the agent to retrieve facts from an environment that it was not classified to retrieve from. This was resolved in Puppet Agent 5.3.4, included…
|
CWE-269
Improper Privilege Management
|
CVE-2017-10690
|
2024-11-21 12:06 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255973
|
5.5 |
MEDIUM
Local
|
puppet
canonical
redhat
|
puppet
puppet_enterprise
ubuntu_linux
satellite
|
In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability.
|
CWE-269
Improper Privilege Management
|
CVE-2017-10689
|
2024-11-21 12:06 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255974
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while updating a firmware image, data is read from flash into RAM without checking that…
|
CWE-120
Classic Buffer Overflow
|
CVE-2017-11003
|
2024-11-21 12:06 |
2018-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255975
|
6.5 |
MEDIUM
Network
|
mqtt.js_project
|
mqtt.js
|
MQTT.js 2.x.x prior to 2.15.0 issue in handling PUBLISH tickets may lead to an attacker causing a denial-of-service condition.
|
CWE-674
Uncontrolled Recursion
|
CVE-2017-10910
|
2024-11-21 12:06 |
2017-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255976
|
7.8 |
HIGH
Local
|
sony
|
music_center
|
Untrusted search path vulnerability in Music Center for PC version 1.0.01 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
CWE-426
Untrusted Search Path
|
CVE-2017-10909
|
2024-11-21 12:06 |
2017-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255977
|
7.5 |
HIGH
Network
|
dena
|
h2o
|
H2O version 2.2.3 and earlier allows remote attackers to cause a denial of service in the server via specially crafted HTTP/2 header.
|
CWE-20
Improper Input Validation
|
CVE-2017-10908
|
2024-11-21 12:06 |
2017-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255978
|
4.3 |
MEDIUM
Network
|
spiqe
|
onethird_cms_show_off
|
Directory traversal vulnerability in OneThird CMS Show Off v1.85 and earlier. Show Off v1.85 en and earlier allows an attacker to read arbitrary files via unspecified vectors.
|
CWE-22
Path Traversal
|
CVE-2017-10907
|
2024-11-21 12:06 |
2017-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255979
|
6.5 |
MEDIUM
Network
|
dena
|
h2o
|
H2O version 2.2.3 and earlier allows remote attackers to cause a denial of service in the server via unspecified vectors.
|
CWE-118
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-10872
|
2024-11-21 12:06 |
2017-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255980
|
7.5 |
HIGH
Network
|
dena
|
h2o
|
Buffer overflow in H2O version 2.2.2 and earlier allows remote attackers to cause a denial-of-service in the server via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-10869
|
2024-11-21 12:06 |
2017-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
