|
246901
|
8.8 |
HIGH
Network
|
philips
|
dosewise
|
The Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069 stores login credentials in clear text within backend system files. CVSS v3 base score: 6.5, CVSS vector string: AV…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2017-9654
|
2024-11-21 12:36 |
2018-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246902
|
9.1 |
CRITICAL
Network
|
philips
|
dosewise
|
The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069 uses hard-coded credentials for a database account with privileges that can affect confidentiality, i…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-9656
|
2024-11-21 12:36 |
2018-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246903
|
9.8 |
CRITICAL
Network
|
mitsubishielectric
|
e-designer
|
Mitsubishi E-Designer, Version 7.52 Build 344 contains six code sections which may be exploited to overwrite the stack. This can result in arbitrary code execution, compromised data integrity, denial…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9638
|
2024-11-21 12:36 |
2018-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246904
|
9.8 |
CRITICAL
Network
|
mitsubishielectric
|
e-designer
|
Mitsubishi E-Designer, Version 7.52 Build 344 contains five code sections which may be exploited to overwrite the heap. This can result in arbitrary code execution, compromised data integrity, denial…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9636
|
2024-11-21 12:36 |
2018-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246905
|
9.8 |
CRITICAL
Network
|
mitsubishielectric
|
e-designer
|
Mitsubishi E-Designer, Version 7.52 Build 344 contains two code sections which may be exploited to allow an attacker to overwrite arbitrary memory locations. This can result in arbitrary code executi…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-9634
|
2024-11-21 12:36 |
2018-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246906
|
8.8 |
HIGH
Network
|
dolibarr
|
dolibarr_erp\/crm
|
Dolibarr ERP/CRM is affected by SQL injection in versions before 5.0.4 via product/stats/card.php (type parameter).
|
CWE-89
SQL Injection
|
CVE-2017-9839
|
2024-11-21 12:36 |
2018-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246907
|
5.4 |
MEDIUM
Network
|
dolibarr
|
dolibarr_erp\/crm
|
Dolibarr ERP/CRM is affected by multiple reflected Cross-Site Scripting (XSS) vulnerabilities in versions before 5.0.4: index.php (leftmenu parameter), core/ajax/box.php (PATH_INFO), product/stats/ca…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9838
|
2024-11-21 12:36 |
2018-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246908
|
7.8 |
HIGH
Local
|
google
|
android
|
The touchscreen driver synaptics_dsx in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-05, the size of a stack-allocated buffer can be set to a value which exceeds the size of th…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9723
|
2024-11-21 12:36 |
2018-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246909
|
7.8 |
HIGH
Local
|
qcacld_2.0_project
|
qcacld_2.0
|
While parsing Netlink attributes in QCA_WLAN_VENDOR_ATTR_EXTSCAN_BSSID_HOTLIST_PARAMS_LOST_AP_SAMPLE_SIZE in qcacld 2.0 before 2017-05-16, a buffer overread could occur.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9694
|
2024-11-21 12:36 |
2018-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246910
|
5.5 |
MEDIUM
Local
|
google
|
android
|
The length of attribute value for STA_EXT_CAPABILITY in __wlan_hdd_change_station in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-06 being less than the actual lenth of StaPara…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9693
|
2024-11-21 12:36 |
2018-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
