|
250781
|
8.1 |
HIGH
Network
|
exadel
|
flamingo_amf-serializer
|
The Java implementation of AMF3 deserializers used in Flamingo amf-serializer by Exadel, version 2.2.0 derives class instances from java.io.Externalizable rather than the AMF3 specification's recomme…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-3201
|
2024-11-21 12:25 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250782
|
8.1 |
HIGH
Network
|
graniteds
|
graniteds
|
The Java implementation of GraniteDS, version 3.1.1.GA, AMF3 deserializers derives class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of flash.utils.IExte…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-3199
|
2024-11-21 12:25 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250783
|
9.8 |
CRITICAL
Network
|
exadel
|
flamingo
|
The Java implementation of AMF3 deserializers used in Flamingo amf-serializer by Exadel, version 2.2.0, may allow instantiation of arbitrary classes via their public parameter-less constructor and su…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-3202
|
2024-11-21 12:25 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250784
|
8.1 |
HIGH
Network
|
graniteds
|
graniteds
|
The Java implementation of AMF3 deserializers used in GraniteDS, version 3.1.1.G, may allow instantiation of arbitrary classes via their public parameter-less constructor and subsequently call arbitr…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-3200
|
2024-11-21 12:25 |
2018-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250785
|
7.8 |
HIGH
Local
|
rawether_project
|
rawether
|
PCAUSA Rawether framework does not properly validate BPF data, allowing a crafted malicious BPF program to perform operations on memory outside of its typical bounds on the driver's receipt of networ…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-3196
|
2024-11-21 12:25 |
2017-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250786
|
9.8 |
CRITICAL
Network
|
commvault
|
edge
|
Commvault Edge Communication Service (cvd) prior to version 11 SP7 or version 11 SP6 with hotfix 590 is prone to a stack-based buffer overflow vulnerability that could lead to arbitrary code executio…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-3195
|
2024-11-21 12:25 |
2017-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250787
|
8.1 |
HIGH
Network
|
pandora
|
pandora
|
Pandora iOS app prior to version 8.3.2 fails to properly validate SSL certificates provided by HTTPS connections, which may enable an attacker to conduct man-in-the-middle (MITM) attacks.
|
CWE-200
Information Exposure
|
CVE-2017-3194
|
2024-11-21 12:25 |
2017-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250788
|
8.8 |
HIGH
Adjacent
|
dlink
|
dir-850l_firmware
|
Multiple D-Link devices including the DIR-850L firmware versions 1.14B07 and 2.07.B05 contain a stack-based buffer overflow vulnerability in the web administration interface HNAP service.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-3193
|
2024-11-21 12:25 |
2017-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250789
|
9.8 |
CRITICAL
Network
|
d-link
|
dir-130_firmware
dir-330_firmware
|
D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 do not sufficiently protect administrator credentials. The tools_admin.asp page discloses the administrator password in base64 e…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2017-3192
|
2024-11-21 12:25 |
2017-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250790
|
9.8 |
CRITICAL
Network
|
d-link
|
dir-130_firmware
dir-330_firmware
|
D-Link DIR-130 firmware version 1.23 and DIR-330 firmware version 1.12 are vulnerable to authentication bypass of the remote login page. A remote attacker that can access the remote management login …
|
CWE-20
Improper Input Validation
|
CVE-2017-3191
|
2024-11-21 12:25 |
2017-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
