|
251281
|
5.3 |
MEDIUM
Network
|
milwaukee
|
one-key
|
The Milwaukee ONE-KEY Android mobile application uses bearer tokens with an expiration of one year. This bearer token, in combination with a user_id can be used to perform user actions.
|
CWE-613
Insufficient Session Expiration
|
CVE-2017-3215
|
2024-11-21 12:25 |
2017-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251282
|
7.5 |
HIGH
Network
|
milwaukeetool
|
one-key
|
The Milwaukee ONE-KEY Android mobile application stores the master token in plaintext in the apk binary.
|
CWE-312
CWE-522
Cleartext Storage of Sensitive Information
Insufficiently Protected Credentials
|
CVE-2017-3214
|
2024-11-21 12:25 |
2017-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251283
|
5.9 |
MEDIUM
Network
|
think_mutual_bank
|
think_mutual_bank_mobile_banking_app
|
The Think Mutual Bank Mobile Banking app 3.1.5 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information …
|
CWE-295
Improper Certificate Validation
|
CVE-2017-3213
|
2024-11-21 12:25 |
2017-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251284
|
5.9 |
MEDIUM
Network
|
sccu
|
space_coast_credit_union
|
The Space Coast Credit Union Mobile app 2.2 for iOS and 2.1.0.1104 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtai…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-3212
|
2024-11-21 12:25 |
2017-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251285
|
7.1 |
HIGH
Network
|
oracle
|
one-to-one_fulfillment
|
Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: Audience workbench). Supported versions that are affected are 12.1.1, 12.1.2 and 12.1.3. Easily …
|
NVD-CWE-noinfo
|
CVE-2017-3434
|
2024-11-21 12:25 |
2017-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251286
|
7.1 |
HIGH
Network
|
oracle
|
marketing
|
Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and …
|
NVD-CWE-noinfo
|
CVE-2017-3356
|
2024-11-21 12:25 |
2017-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251287
|
7.1 |
HIGH
Network
|
oracle
|
marketing
|
Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and …
|
NVD-CWE-noinfo
|
CVE-2017-3355
|
2024-11-21 12:25 |
2017-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251288
|
7.1 |
HIGH
Network
|
oracle
|
marketing
|
Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and …
|
NVD-CWE-noinfo
|
CVE-2017-3347
|
2024-11-21 12:25 |
2017-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251289
|
7.1 |
HIGH
Network
|
oracle
|
marketing
|
Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and …
|
NVD-CWE-noinfo
|
CVE-2017-3345
|
2024-11-21 12:25 |
2017-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251290
|
7.1 |
HIGH
Network
|
oracle
|
marketing
|
Vulnerability in the Oracle Marketing component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and …
|
NVD-CWE-noinfo
|
CVE-2017-3342
|
2024-11-21 12:25 |
2017-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
