|
249651
|
7.5 |
HIGH
Network
|
opensuse
|
open_build_service
|
The bs_worker code in open build service before 20170320 followed relative symlinks, allowing reading of files outside of the package source directory during build, allowing leakage of private inform…
|
CWE-200
CWE-59
Information Exposure
Link Following
|
CVE-2017-5188
|
2024-11-21 12:27 |
2018-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249652
|
8.1 |
HIGH
Network
|
insteon
|
insteon_hub_firmware
|
In version 1012 and prior of Insteon's Insteon Hub, the radio transmissions used for communication between the hub and connected devices are not encrypted.
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2017-5251
|
2024-11-21 12:27 |
2018-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249653
|
9.8 |
CRITICAL
Network
|
insteon
|
insteon_for_hub
|
In version 1.9.7 and prior of Insteon's Insteon for Hub Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner.
|
CWE-312
CWE-922
Cleartext Storage of Sensitive Information
Insecure Storage of Sensitive Information
|
CVE-2017-5250
|
2024-11-21 12:27 |
2018-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249654
|
9.8 |
CRITICAL
Network
|
wink
|
wink
|
In version 6.1.0.19 and prior of Wink Labs's Wink - Smart Home Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner.
|
CWE-312
CWE-922
Cleartext Storage of Sensitive Information
Insecure Storage of Sensitive Information
|
CVE-2017-5249
|
2024-11-21 12:27 |
2018-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249655
|
8.8 |
HIGH
Network
|
google
debian
|
chrome
debian_linux
|
Off-by-one read/write on the heap in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to corrupt memory and possibly leak information and potentially execute code via a crafted …
|
CWE-787
Out-of-bounds Write
|
CVE-2017-5133
|
2024-11-21 12:27 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249656
|
8.8 |
HIGH
Network
|
google
debian
|
chrome
debian_linux
|
Inappropriate implementation in V8 in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka incorrect WebAssembly stack man…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5132
|
2024-11-21 12:27 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249657
|
8.8 |
HIGH
Network
|
google
debian
|
chrome
debian_linux
|
An integer overflow in Skia in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka an out-of-bounds write.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-5131
|
2024-11-21 12:27 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249658
|
8.8 |
HIGH
Network
|
google
debian
xmlsoft
|
chrome
debian_linux
libxml2
|
An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a c…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-5130
|
2024-11-21 12:27 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249659
|
8.8 |
HIGH
Network
|
google
debian
|
chrome
debian_linux
|
A use after free in WebAudio in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
|
CWE-416
Use After Free
|
CVE-2017-5129
|
2024-11-21 12:27 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
249660
|
8.8 |
HIGH
Network
|
google
debian
|
chrome
debian_linux
|
Heap buffer overflow in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, related to WebGL.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-5128
|
2024-11-21 12:27 |
2018-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
