|
259101
|
7.2 |
HIGH
Network
|
zte
|
zxr10_1800-2s_firmware
|
All versions prior to ZSRV2 V3.00.40 of the ZTE ZXR10 1800-2S products allow remote authenticated users to bypass the original password authentication protection to change other user's password.
|
NVD-CWE-noinfo
|
CVE-2017-10935
|
2024-11-21 12:06 |
2018-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259102
|
9.8 |
CRITICAL
Network
|
zte
|
zxiptv-epg_firmware
|
All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Java deserializatio…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-10934
|
2024-11-21 12:06 |
2018-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259103
|
9.8 |
CRITICAL
Network
|
qualcomm
|
mdm9206_firmware
mdm9607_firmware
sd_210_firmware
sd_212_firmware
sd_205_firmware
sd_425_firmware
sd_430_firmware
sd_450_firmware
sd_625_firmware
sd_820_firmware
sd_835_…
|
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 835, a Use After…
|
CWE-416
Use After Free
|
CVE-2017-11011
|
2024-11-21 12:06 |
2018-04-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259104
|
9.8 |
CRITICAL
Network
|
google
|
android
|
In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 625, SD 650/52, SD 835, access control left a configuration space unprotected.
|
NVD-CWE-noinfo
|
CVE-2017-11010
|
2024-11-21 12:06 |
2018-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259105
|
8.8 |
HIGH
Adjacent
|
corega
|
cg-wgr_1200_firmware
|
Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to bypass authentication and change the login password via unspecified vectors.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2017-10854
|
2024-11-21 12:06 |
2018-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259106
|
8.8 |
HIGH
Adjacent
|
corega
|
cg-wgr_1200_firmware
|
Buffer overflow in Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to execute arbitrary commands via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-10853
|
2024-11-21 12:06 |
2018-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259107
|
8.8 |
HIGH
Adjacent
|
corega
|
cg-wgr_1200_firmware
|
Buffer overflow in Corega CG-WGR1200 firmware 2.20 and earlier allows an attacker to execute arbitrary code via unspecified vectors.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-10852
|
2024-11-21 12:06 |
2018-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259108
|
5.9 |
MEDIUM
Network
|
samsung
|
knox_enterprise_mobility_management
knox_identity_access_management
|
In Knox SDS IAM (Identity Access Management) and EMM (Enterprise Mobility Management) 16.11 on Samsung mobile devices, a man-in-the-middle attacker can install any application into the Knox container…
|
CWE-74
Injection
|
CVE-2017-10963
|
2024-11-21 12:06 |
2018-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259109
|
6.5 |
MEDIUM
Network
|
puppet
redhat
|
puppet
puppet_enterprise
satellite
|
In previous versions of Puppet Agent it was possible for the agent to retrieve facts from an environment that it was not classified to retrieve from. This was resolved in Puppet Agent 5.3.4, included…
|
CWE-269
Improper Privilege Management
|
CVE-2017-10690
|
2024-11-21 12:06 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259110
|
5.5 |
MEDIUM
Local
|
puppet
canonical
redhat
|
puppet
puppet_enterprise
ubuntu_linux
satellite
|
In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability.
|
CWE-269
Improper Privilege Management
|
CVE-2017-10689
|
2024-11-21 12:06 |
2018-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
