|
256961
|
9.8 |
CRITICAL
Network
|
simplesamlphp
|
simplesamlphp
|
The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.13 and earlier, when used with PHP before 5.6, allows attackers to conduct session fixation attacks or possibly bypas…
|
CWE-384
Session Fixation
|
CVE-2017-12868
|
2024-11-21 12:10 |
2017-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256962
|
7.4 |
HIGH
Network
|
siemens
|
logo\!_8_bm_firmware
|
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). An attacker who performs a Man-in-the-Middle attack between the LOGO! BM and other devices could poten…
|
-
|
CVE-2017-12735
|
2024-11-21 12:10 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256963
|
7.5 |
HIGH
Network
|
siemens
|
logo\!8_bm_fs-05_firmware
|
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V1.81.2). An attacker with network access to the integrated web server on port 80/tcp could obtain the sessio…
|
-
|
CVE-2017-12734
|
2024-11-21 12:10 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256964
|
7.8 |
HIGH
Local
|
advantech
|
webaccess
|
An Uncontrolled Search Path Element issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A maliciously crafted dll file placed earlier in the search path may allow an attacker…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2017-12717
|
2024-11-21 12:10 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256965
|
7.8 |
HIGH
Local
|
advantech
|
webaccess
|
An Incorrect Permission Assignment for Critical Resource issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Multiple files and folders with ACLs that affect other users are …
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-12713
|
2024-11-21 12:10 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256966
|
7.8 |
HIGH
Local
|
advantech
|
webaccess
|
An Incorrect Privilege Assignment issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A built-in user account has been granted a sensitive privilege that may allow a user to …
|
NVD-CWE-noinfo
|
CVE-2017-12711
|
2024-11-21 12:10 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256967
|
7.5 |
HIGH
Network
|
advantech
|
webaccess
|
A SQL Injection issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. By submitting a specially crafted parameter, it is possible to inject arbitrary SQL statements that could …
|
CWE-89
SQL Injection
|
CVE-2017-12710
|
2024-11-21 12:10 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256968
|
9.8 |
CRITICAL
Network
|
advantech
|
webaccess
|
An Improper Restriction Of Operations Within The Bounds Of A Memory Buffer issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabil…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12708
|
2024-11-21 12:10 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256969
|
9.8 |
CRITICAL
Network
|
advantech
|
webaccess
|
A stack-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validat…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12706
|
2024-11-21 12:10 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256970
|
8.8 |
HIGH
Network
|
advantech
|
webaccess
|
A heap-based buffer overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. Researchers have identified multiple vulnerabilities where there is a lack of proper validati…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-12704
|
2024-11-21 12:10 |
2017-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
