|
247211
|
5.9 |
MEDIUM
Network
|
changyou
|
dolphin_web_browser
|
The MoboTap Dolphin Web Browser - Fast Private Internet Search app 9.23.0 through 9.23.2 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-8936
|
2024-11-21 12:35 |
2017-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247212
|
5.9 |
MEDIUM
Network
|
gocivix
|
indiana_voters
|
The Quest Information Systems Indiana Voters app 1.1.24 for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive inf…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-8935
|
2024-11-21 12:35 |
2017-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247213
|
5.5 |
MEDIUM
Local
|
pcmanfm_project
|
pcmanfm
|
PCManFM 1.2.5 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (application unavailability).
|
CWE-20
Improper Input Validation
|
CVE-2017-8934
|
2024-11-21 12:35 |
2017-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247214
|
3.3 |
LOW
Local
|
libmenu-cache_project
|
libmenu-cache
|
Libmenu-cache 1.0.2 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (menu unavailability).
|
CWE-20
Improper Input Validation
|
CVE-2017-8933
|
2024-11-21 12:35 |
2017-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247215
|
8.8 |
HIGH
Network
|
simpleinvoices
|
simple_invoices
|
Multiple cross-site request forgery (CSRF) vulnerabilities in Simple Invoices 2013.1.beta.8 allow remote attackers to hijack the authentication of admins for requests that can (1) create new administ…
|
CWE-352
Origin Validation Error
|
CVE-2017-8930
|
2024-11-21 12:35 |
2017-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247216
|
7.5 |
HIGH
Network
|
virustotal
|
yara
|
The sized_string_cmp function in libyara/sizedstr.c in YARA 3.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted rule.
|
CWE-416
Use After Free
|
CVE-2017-8929
|
2024-11-21 12:35 |
2017-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247217
|
4.3 |
MEDIUM
Network
|
openstack
|
swift
|
In OpenStack Swift through 2.10.1, 2.11.0 through 2.13.0, and 2.14.0, the proxy-server logs full tempurl paths, potentially leaking reusable tempurl signatures to anyone with read access to these log…
|
CWE-200
Information Exposure
|
CVE-2017-8761
|
2024-11-21 12:34 |
2021-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247218
|
8.8 |
HIGH
Adjacent
|
dlink
|
dcs-1100_firmware
dcs-1130_firmware
|
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device requires that a user logging into the device provide a username and password. However, the device allows D-Link apps on the…
|
CWE-255
Credentials Management
|
CVE-2017-8417
|
2024-11-21 12:34 |
2019-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247219
|
7.2 |
HIGH
Network
|
open-xchange
|
ox_cloud
|
Open-Xchange GmbH OX Cloud Plugins 1.4.0 and earlier is affected by: Missing Authorization.
|
CWE-285
Improper Authorization
|
CVE-2017-8777
|
2024-11-21 12:34 |
2019-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247220
|
5.4 |
MEDIUM
Network
|
synacor
|
zimbra_collaboration_suite
|
Synacor Zimbra Collaboration Suite (ZCS) before 8.7.10 has Persistent XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2017-8783
|
2024-11-21 12:34 |
2018-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
