|
250081
|
5.9 |
MEDIUM
Network
|
electronic_funds_source_llc
|
efs_mobile_driver_source
|
The Electronic Funds Source (EFS) Mobile Driver Source app 2.5 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensit…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-5909
|
2024-11-21 12:28 |
2017-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250082
|
5.9 |
MEDIUM
Network
|
great_southern_bank
|
great_southern_mobile_banking
|
The Great Southern Bank Great Southern Mobile Banking app before 4.0.4 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtai…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-5907
|
2024-11-21 12:28 |
2017-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250083
|
5.9 |
MEDIUM
Network
|
everyday_health_inc
|
diabetes_in_check\
|
The Everyday Health Diabetes in Check: Blood Glucose & Carb Tracker app 3.4.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers an…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-5906
|
2024-11-21 12:28 |
2017-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250084
|
5.9 |
MEDIUM
Network
|
dollar_bank
|
dollar_bank_mobile
|
The Dollar Bank Mobile app 2.6.3 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted …
|
CWE-295
Improper Certificate Validation
|
CVE-2017-5905
|
2024-11-21 12:28 |
2017-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250085
|
5.9 |
MEDIUM
Network
|
payquicker
|
mypayquicker
|
The PayQuicker app 1.0.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certific…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-5902
|
2024-11-21 12:28 |
2017-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250086
|
5.9 |
MEDIUM
Network
|
state_bank_of_india
|
state_bank_anywhere
|
The State Bank of India State Bank Anywhere app 5.1.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive infor…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-5901
|
2024-11-21 12:28 |
2017-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250087
|
6.1 |
MEDIUM
Network
|
kmc_information_systems
|
caseaware
|
An issue was discovered in KMCIS CaseAware. Reflected cross site scripting is present in the user parameter (i.e., "usr") that is transmitted in the login.php query string.
|
CWE-79
Cross-site Scripting
|
CVE-2017-5631
|
2024-11-21 12:28 |
2017-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250088
|
8.8 |
HIGH
Network
|
we-con
|
levi_studio_hmi_editor
|
A Heap-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. This vulnerability causes a buffer overflow when a maliciously crafted project file is run…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6037
|
2024-11-21 12:28 |
2017-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250089
|
8.8 |
HIGH
Network
|
we-con
|
levi_studio_hmi_editor
|
A Stack-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. This vulnerability causes a buffer overflow, which could result in denial of service when…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6035
|
2024-11-21 12:28 |
2017-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250090
|
7.5 |
HIGH
Network
|
hyundaiusa
|
blue_link
|
A Use of Hard-Coded Cryptographic Key issue was discovered in Hyundai Motor America Blue Link 3.9.5 and 3.9.4. The application uses a hard-coded decryption password to protect sensitive user informat…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-6054
|
2024-11-21 12:28 |
2017-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
