|
250271
|
5.9 |
MEDIUM
Network
|
everyday_health_inc
|
diabetes_in_check\
|
The Everyday Health Diabetes in Check: Blood Glucose & Carb Tracker app 3.4.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers an…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-5906
|
2024-11-21 12:28 |
2017-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250272
|
5.9 |
MEDIUM
Network
|
dollar_bank
|
dollar_bank_mobile
|
The Dollar Bank Mobile app 2.6.3 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted …
|
CWE-295
Improper Certificate Validation
|
CVE-2017-5905
|
2024-11-21 12:28 |
2017-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250273
|
5.9 |
MEDIUM
Network
|
payquicker
|
mypayquicker
|
The PayQuicker app 1.0.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certific…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-5902
|
2024-11-21 12:28 |
2017-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250274
|
5.9 |
MEDIUM
Network
|
state_bank_of_india
|
state_bank_anywhere
|
The State Bank of India State Bank Anywhere app 5.1.0 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive infor…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-5901
|
2024-11-21 12:28 |
2017-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250275
|
6.1 |
MEDIUM
Network
|
kmc_information_systems
|
caseaware
|
An issue was discovered in KMCIS CaseAware. Reflected cross site scripting is present in the user parameter (i.e., "usr") that is transmitted in the login.php query string.
|
CWE-79
Cross-site Scripting
|
CVE-2017-5631
|
2024-11-21 12:28 |
2017-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250276
|
8.8 |
HIGH
Network
|
we-con
|
levi_studio_hmi_editor
|
A Heap-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. This vulnerability causes a buffer overflow when a maliciously crafted project file is run…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6037
|
2024-11-21 12:28 |
2017-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250277
|
8.8 |
HIGH
Network
|
we-con
|
levi_studio_hmi_editor
|
A Stack-Based Buffer Overflow issue was discovered in Wecon Technologies LEVI Studio HMI Editor before 1.8.1. This vulnerability causes a buffer overflow, which could result in denial of service when…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6035
|
2024-11-21 12:28 |
2017-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250278
|
7.5 |
HIGH
Network
|
hyundaiusa
|
blue_link
|
A Use of Hard-Coded Cryptographic Key issue was discovered in Hyundai Motor America Blue Link 3.9.5 and 3.9.4. The application uses a hard-coded decryption password to protect sensitive user informat…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-6054
|
2024-11-21 12:28 |
2017-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250279
|
3.7 |
LOW
Adjacent
|
hyundaiusa
|
blue_link
|
A Man-in-the-Middle issue was discovered in Hyundai Motor America Blue Link 3.9.5 and 3.9.4. Communication channel endpoints are not verified, which may allow a remote attacker to access or influence…
|
NVD-CWE-noinfo
|
CVE-2017-6052
|
2024-11-21 12:28 |
2017-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250280
|
4.6 |
MEDIUM
Physics
|
oneplus
|
oxygenos
|
In OxygenOS before 4.0.3 on OnePlus 3 and 3T devices, an unauthorized attacker can cause a locked bootloader to partially dump the ciphertext content of an arbitrary partition (except 'keystore') by …
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-5625
|
2024-11-21 12:28 |
2017-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
