|
247011
|
5.4 |
MEDIUM
Network
|
synology
|
video_station
|
Cross-site scripting (XSS) vulnerability in Video Metadata Editor in Synology Video Station before 2.3.0-1435 allows remote authenticated attackers to inject arbitrary web script or HTML via the titl…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9556
|
2024-11-21 12:36 |
2017-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247012
|
8.8 |
HIGH
Network
|
apache
|
storm
|
It was found that under some situations and configurations of Apache Storm 1.x before 1.0.4 and 1.1.x before 1.1.1, it is theoretically possible for the owner of a topology to trick the supervisor to…
|
NVD-CWE-noinfo
|
CVE-2017-9799
|
2024-11-21 12:36 |
2017-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247013
|
7.5 |
HIGH
Network
|
apache
|
commons_email
|
When a call-site passes a subject for an email that contains line-breaks in Apache Commons Email 1.0 through 1.4, the caller can add arbitrary SMTP headers.
|
CWE-20
Improper Input Validation
|
CVE-2017-9801
|
2024-11-21 12:36 |
2017-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247014
|
7.5 |
HIGH
Network
|
sma
|
sunny_explorer
|
An issue was discovered in SMA Solar Technology products. By sending nonsense data or setting up a TELNET session to the database port of Sunny Explorer, the application can be crashed. NOTE: the ven…
|
NVD-CWE-noinfo
|
CVE-2017-9851
|
2024-11-21 12:36 |
2017-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247015
|
5.5 |
MEDIUM
Local
|
razerzone
|
razer_synapse
|
A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse that can cause an out of bounds read operation to occur due to a field within the IOCTL data being used as a length.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9770
|
2024-11-21 12:36 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247016
|
9.8 |
CRITICAL
Network
|
razer
|
synapse
|
A specially crafted IOCTL can be issued to the rzpnk.sys driver in Razer Synapse 2.20.15.1104 that is forwarded to ZwOpenProcess allowing a handle to be opened to an arbitrary process.
|
NVD-CWE-noinfo
|
CVE-2017-9769
|
2024-11-21 12:36 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247017
|
6.1 |
MEDIUM
Network
|
paloaltonetworks
|
pan-os
|
Cross-site scripting (XSS) vulnerability in the GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16, 7.1.x before 7.1.11, and 8.x before 8.0.3 allows remote…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9467
|
2024-11-21 12:36 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247018
|
6.1 |
MEDIUM
Network
|
paloaltonetworks
|
pan-os
|
Cross-site scripting (XSS) vulnerability in the management web interface in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16, 7.1.x before 7.1.11, and 8.x before 8.0.3 allows remote attacke…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9459
|
2024-11-21 12:36 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247019
|
6.6 |
MEDIUM
Physics
|
infineon
|
s-gold_2_pmb_8876
|
A Stack-Based Buffer Overflow issue was discovered in the Continental AG Infineon S-Gold 2 (PMB 8876) chipset on BMW several models produced between 2009-2010, Ford a limited number of P-HEV vehicles…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9647
|
2024-11-21 12:36 |
2017-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247020
|
8.8 |
HIGH
Adjacent
|
infineon
|
s-gold_2_pmb_8876
|
An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in the Continental AG Infineon S-Gold 2 (PMB 8876) chipset on BMW several models produced between 2009-…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9633
|
2024-11-21 12:36 |
2017-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
