|
257301
|
6.5 |
MEDIUM
Network
|
metinfo
|
metinfo
|
Metinfo 5.3.18 is affected by: Cross Site Request Forgery (CSRF). The impact is: Information Disclosure (remote). The component is: admin/index.php. The attack vector is: The administrator clicks on …
|
CWE-352
Origin Validation Error
|
CVE-2017-12790
|
2024-11-21 12:10 |
2019-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257302
|
7.1 |
HIGH
Local
|
qbittorrent
|
qbittorrent
|
The UI Lock feature in qBittorrent version 3.3.15 is vulnerable to Authentication Bypass, which allows Attack to gain unauthorized access to qBittorrent functions by tampering the affected flag value…
|
CWE-287
Improper Authentication
|
CVE-2017-12778
|
2024-11-21 12:10 |
2019-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257303
|
7.5 |
HIGH
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function format8BIM, which allows attackers to cause a denial of service.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-12806
|
2024-11-21 12:10 |
2019-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257304
|
7.5 |
HIGH
Network
|
imagemagick
|
imagemagick
|
In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-12805
|
2024-11-21 12:10 |
2019-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257305
|
6.5 |
MEDIUM
Network
|
entropymine
|
imageworsener
|
The iwgif_init_screen function in imagew-gif.c:510 in ImageWorsener 1.3.2 allows remote attackers to cause a denial of service (hmemory exhaustion) via a crafted file.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-12804
|
2024-11-21 12:10 |
2019-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257306
|
6.1 |
MEDIUM
Network
|
metinfo
|
metinfo
|
Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in Metinfo 5.3.18 allows remote attackers to inject arbitrary web script or HTML via the (1) class1 parameter or the (2) anyid p…
|
CWE-79
Cross-site Scripting
|
CVE-2017-12788
|
2024-11-21 12:10 |
2019-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257307
|
7.5 |
HIGH
Network
|
psafe
|
dfndr_security
|
DFNDR Security Antivirus, Anti-hacking & Cleaner, 5.0.9, 2017-11-01, Android application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone able to access thi…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-13108
|
2024-11-21 12:10 |
2018-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257308
|
7.5 |
HIGH
Network
|
liveme
|
liveme
|
Live.me - live stream video chat, 3.7.20, 2017-11-06, Android application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone able to access this key.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-13107
|
2024-11-21 12:10 |
2018-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257309
|
7.5 |
HIGH
Network
|
cmcm
|
cm_launcher_3d
|
Cheetahmobile CM Launcher 3D - Theme, wallpaper, Secure, Efficient, 5.0.3, 2017-09-19, Android application uses a hard-coded key for encryption. Data stored using this key can be decrypted by anyone …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-13106
|
2024-11-21 12:10 |
2018-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257310
|
5.9 |
MEDIUM
Network
|
hisecuritylab
|
virus_cleaner
|
Hi Security Virus Cleaner - Antivirus, Booster, 3.7.1.1329, 2017-09-13, Android application accepts all SSL certificates during SSL communication. This opens the application up to a man-in-the-middle…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-13105
|
2024-11-21 12:10 |
2018-08-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
