|
246931
|
7.5 |
HIGH
Network
|
microfocus
|
bi-directional_driver
|
The Bi-directional driver in IDM 4.5 before 4.0.3.0 could be susceptible to a denial of service attack.
|
CWE-20
Improper Input Validation
|
CVE-2017-9272
|
2024-11-21 12:35 |
2017-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246932
|
9.8 |
CRITICAL
Network
|
microfocus
|
visibroker
|
An out-of-bounds read (CWE-125) vulnerability exists in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerability for further attacks was not assessed.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9283
|
2024-11-21 12:35 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246933
|
9.8 |
CRITICAL
Network
|
microfocus
|
visibroker
|
An integer overflow (CWE-190) led to an out-of-bounds write (CWE-787) on a heap-allocated area, leading to heap corruption in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerabil…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-9282
|
2024-11-21 12:35 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246934
|
7.5 |
HIGH
Network
|
microfocus
|
visibroker
|
An integer overflow (CWE-190) potentially causing an out-of-bounds read (CWE-125) vulnerability in Micro Focus VisiBroker 8.5 can lead to a denial of service.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-9281
|
2024-11-21 12:35 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246935
|
8.8 |
HIGH
Network
|
openwebif_project
|
openwebif
|
OpenWebif 1.2.5 allows remote code execution via a URL to the CallOPKG function in the IpkgController class in plugin/controllers/ipkg.py, when the URL refers to an attacker-controlled web site with …
|
CWE-20
Improper Input Validation
|
CVE-2017-9333
|
2024-11-21 12:35 |
2017-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246936
|
9.8 |
CRITICAL
Network
|
terra-master
|
terramaster_operating_system
|
Shell metacharacter injection vulnerability in /usr/www/include/ajax/GetTest.php in TerraMaster TOS before 3.0.34 leads to remote code execution as root.
|
CWE-78
OS Command
|
CVE-2017-9328
|
2024-11-21 12:35 |
2017-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246937
|
5.5 |
MEDIUM
Local
|
divinglog
|
diving_log
|
XXE in Diving Log 6.0 allows attackers to remotely view local files through a crafted dive.xml file that is mishandled during a Subsurface import.
|
CWE-611
XXE
|
CVE-2017-9095
|
2024-11-21 12:35 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246938
|
8.8 |
HIGH
Network
|
blackberry
|
workspaces
|
An information disclosure / elevation of privilege vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker who has legitimate access to BlackBerry Workspaces to gain acc…
|
CWE-287
Improper Authentication
|
CVE-2017-9370
|
2024-11-21 12:35 |
2017-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246939
|
7.8 |
HIGH
Local
|
sierrawireless
|
sierra_wireless_em7455_software
sierra_wireless_location_sensor_driver
sierra_wireless_em7345_software
|
Multiple unquoted service path vulnerabilities in Sierra Wireless Windows Mobile Broadband Driver Package (MBDP) with build ID < 4657 allows local users to launch processes with elevated privileges.
|
CWE-428
Unquoted Search Path or Element
|
CVE-2017-9247
|
2024-11-21 12:35 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246940
|
6.1 |
MEDIUM
Network
|
trello
|
trello
|
Cross-site scripting (XSS) vulnerability in the Trello app before 4.0.8 for iOS might allow remote attackers to inject arbitrary web script or HTML by uploading and attaching a crafted photo to a Car…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9244
|
2024-11-21 12:35 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
