|
250371
|
8.8 |
HIGH
Network
|
opentext
|
documentum_content_server
|
OpenText Documentum Content Server (formerly EMC Documentum Content Server) 7.3, when PostgreSQL Database is used and return_top_results_row_based config option is false, does not properly restrict D…
|
CWE-74
Injection
|
CVE-2017-5585
|
2024-11-21 12:27 |
2017-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250372
|
9.8 |
CRITICAL
Network
|
dotcms
|
dotcms
|
An issue was discovered in dotCMS through 3.6.1. The findChildrenByFilter() function which is called by the web accessible path /categoriesServlet performs string interpolation and direct SQL query e…
|
CWE-89
SQL Injection
|
CVE-2017-5344
|
2024-11-21 12:27 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250373
|
7.5 |
HIGH
Network
|
fedoraproject
gnu
|
fedora
ed
|
regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free.
|
CWE-416
Use After Free
|
CVE-2017-5357
|
2024-11-21 12:27 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250374
|
8.9 |
HIGH
Network
|
abbott
|
merlin\@home_firmware
|
An issue was discovered in St. Jude Medical Merlin@home, versions prior to Version 8.2.2 (RF models: EX1150; Inductive models: EX1100; and Inductive models: EX1100 with MerlinOnDemand capability). Th…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-5149
|
2024-11-21 12:27 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250375
|
7.5 |
HIGH
Network
|
hanwha-security
|
smart_security_manager
|
An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Cross Site Request Forgery vulnerabilities have been identified. The flaws exist within the Redis and…
|
CWE-352
Origin Validation Error
|
CVE-2017-5169
|
2024-11-21 12:27 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250376
|
7.5 |
HIGH
Network
|
hanwha-security
|
smart_security_manager
|
An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Path Traversal vulnerabilities have been identified. The flaws exist within the ActiveMQ Broker servi…
|
CWE-22
Path Traversal
|
CVE-2017-5168
|
2024-11-21 12:27 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250377
|
8.6 |
HIGH
Network
|
binom3
|
universal_multifunctional_electric_power_quality_meter_firmware
|
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Users do not have any option to change their own passwords.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-5167
|
2024-11-21 12:27 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250378
|
9.8 |
CRITICAL
Network
|
binom3
|
universal_multifunctional_electric_power_quality_meter_firmware
|
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. An INFORMATION EXPOSURE flaw can be used to gain privileged access to the device.
|
CWE-200
Information Exposure
|
CVE-2017-5166
|
2024-11-21 12:27 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250379
|
7.6 |
HIGH
Network
|
binom3
|
universal_multifunctional_electric_power_quality_meter_firmware
|
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. There is no CSRF Token generated per page and/or per (sensitive) function. Successful exploitation of this vu…
|
CWE-352
Origin Validation Error
|
CVE-2017-5165
|
2024-11-21 12:27 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250380
|
6.1 |
MEDIUM
Network
|
binom3
|
universal_multifunctional_electric_power_quality_meter_firmware
|
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Input sent from a malicious client is not properly verified by the server. An attacker can execute arbitrary …
|
CWE-79
Cross-site Scripting
|
CVE-2017-5164
|
2024-11-21 12:27 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
