|
256141
|
7.8 |
HIGH
Local
|
hitachi-solutions
|
confidential_file_decryption
|
Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note thi…
|
CWE-426
Untrusted Search Path
|
CVE-2017-10865
|
2024-11-21 12:06 |
2017-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256142
|
7.8 |
HIGH
Local
|
hitachi-solutions
|
confidential_file_viewer
|
Untrusted search path vulnerability in Installer of HIBUN Confidential File Viewer prior to 11.20.0001 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
|
CWE-426
Untrusted Search Path
|
CVE-2017-10864
|
2024-11-21 12:06 |
2017-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256143
|
7.8 |
HIGH
Local
|
hitachi-solutions
|
confidential_file_decryption
|
Untrusted search path vulnerability in HIBUN Confidential File Decryption program prior to 10.50.0.5 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. Note thi…
|
CWE-426
Untrusted Search Path
|
CVE-2017-10863
|
2024-11-21 12:06 |
2017-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256144
|
5.3 |
MEDIUM
Network
|
really
|
jwt-scala
|
jwt-scala 1.2.2 and earlier fails to verify token signatures correctly which may lead to an attacker being able to pass specially crafted JWT data as a correctly signed token.
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2017-10862
|
2024-11-21 12:06 |
2017-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256145
|
4.3 |
MEDIUM
Network
|
cybozu
|
office
|
Cybozu Office 10.0.0 to 10.6.1 allows authenticated attackers to bypass access restriction to perform arbitrary actions via "Cabinet" function.
|
CWE-269
Improper Privilege Management
|
CVE-2017-10857
|
2024-11-21 12:06 |
2017-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256146
|
6.1 |
MEDIUM
Network
|
sap
|
enterprise_portal
|
Cross site scripting (XSS) vulnerability in SAP Enterprise Portal 7.50 allows remote attackers to inject arbitrary web script or HTML, aka SAP Security Notes 2469860, 2471209, and 2488516.
|
CWE-79
Cross-site Scripting
|
CVE-2017-10701
|
2024-11-21 12:06 |
2017-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256147
|
7.8 |
HIGH
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, an output buffer is accessed in one thread and can be potentially freed in another.
|
NVD-CWE-noinfo
|
CVE-2017-11041
|
2024-11-21 12:06 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256148
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, when reading from sysfs nodes, one can read more information than it is allowed to.
|
CWE-200
Information Exposure
|
CVE-2017-11040
|
2024-11-21 12:06 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256149
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing a vendor sub-command, a buffer over-read can occur.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-11002
|
2024-11-21 12:06 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256150
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, the length of the MAC address is not checked which may cause out of bounds read.
|
CWE-200
Information Exposure
|
CVE-2017-11001
|
2024-11-21 12:06 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
