|
247211
|
8.8 |
HIGH
Network
|
blackberry
|
workspaces
|
An information disclosure / elevation of privilege vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker who has legitimate access to BlackBerry Workspaces to gain acc…
|
CWE-287
Improper Authentication
|
CVE-2017-9370
|
2024-11-21 12:35 |
2017-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247212
|
7.8 |
HIGH
Local
|
sierrawireless
|
sierra_wireless_em7455_software
sierra_wireless_location_sensor_driver
sierra_wireless_em7345_software
|
Multiple unquoted service path vulnerabilities in Sierra Wireless Windows Mobile Broadband Driver Package (MBDP) with build ID < 4657 allows local users to launch processes with elevated privileges.
|
CWE-428
Unquoted Search Path or Element
|
CVE-2017-9247
|
2024-11-21 12:35 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247213
|
6.1 |
MEDIUM
Network
|
trello
|
trello
|
Cross-site scripting (XSS) vulnerability in the Trello app before 4.0.8 for iOS might allow remote attackers to inject arbitrary web script or HTML by uploading and attaching a crafted photo to a Car…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9244
|
2024-11-21 12:35 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247214
|
5.5 |
MEDIUM
Local
|
surina
|
soundtouch
|
The TDStretchSSE::calcCrossCorr function in source/SoundTouch/sse_optimized.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application c…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9260
|
2024-11-21 12:35 |
2017-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247215
|
5.5 |
MEDIUM
Local
|
surina
|
soundtouch
|
The TDStretch::acceptNewOverlapLength function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (memory allocation error and application cra…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-9259
|
2024-11-21 12:35 |
2017-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247216
|
5.5 |
MEDIUM
Local
|
surina
|
soundtouch
|
The TDStretch::processSamples function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted wa…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-9258
|
2024-11-21 12:35 |
2017-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247217
|
7.5 |
HIGH
Network
|
libexpat_project
python
debian
|
libexpat
python
debian_linux
|
XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an …
|
CWE-611
CWE-835
XXE
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-9233
|
2024-11-21 12:35 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247218
|
7.5 |
HIGH
Network
|
google
|
news_and_weather
|
The Google News and Weather application before 3.3.1 for Android allows remote attackers to read OAuth tokens by sniffing the network and leveraging the lack of SSL.
|
CWE-200
Information Exposure
|
CVE-2017-9245
|
2024-11-21 12:35 |
2017-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247219
|
6.5 |
MEDIUM
Network
|
owncloud
|
owncloud
|
An attacker is logged in as a normal user and can somehow make admin to delete shared folders in ownCloud Server before 10.0.2.
|
NVD-CWE-noinfo
|
CVE-2017-9340
|
2024-11-21 12:35 |
2017-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247220
|
5.3 |
MEDIUM
Network
|
owncloud
|
owncloud
|
A logical error in ownCloud Server before 10.0.2 caused disclosure of valid share tokens for public calendars. Thus granting an attacker potentially access to publicly shared calendars without knowin…
|
NVD-CWE-noinfo
|
CVE-2017-9339
|
2024-11-21 12:35 |
2017-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
