|
257991
|
7.1 |
HIGH
Adjacent
|
samba
redhat
debian
|
samba
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux_server
gluster_storage
debian_linux
|
An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server …
|
-
|
CVE-2017-12163
|
2024-11-21 12:08 |
2018-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257992
|
8.8 |
HIGH
Network
|
opcfoundation
|
ua-.net-legacy
|
Unsigned versions of the DLLs distributed by the OPC Foundation may be replaced with malicious code.
|
CWE-20
Improper Input Validation
|
CVE-2017-12070
|
2024-11-21 12:08 |
2018-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257993
|
7.8 |
HIGH
Local
|
opcfoundation
|
local_discovery_server
|
The OPC Foundation Local Discovery Server (LDS) before 1.03.367 is installed as a Windows Service without adding double quotes around the opcualds.exe executable path, which might allow local users t…
|
CWE-428
Unquoted Search Path or Element
|
CVE-2017-11672
|
2024-11-21 12:08 |
2018-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257994
|
7.2 |
HIGH
Network
|
synology
|
router_manager
|
Command injection vulnerability in EZ-Internet in Synology Router Manager (SRM) before 1.1.6-6931 allows remote authenticated users to execute arbitrary command via the username parameter.
|
CWE-77
Command Injection
|
CVE-2017-12078
|
2024-11-21 12:08 |
2018-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257995
|
7.2 |
HIGH
Network
|
synology
|
diskstation_manager
|
Command injection vulnerability in EZ-Internet in Synology DiskStation Manager (DSM) before 6.2-23739 allows remote authenticated users to execute arbitrary command via the username parameter.
|
CWE-77
Command Injection
|
CVE-2017-12075
|
2024-11-21 12:08 |
2018-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257996
|
7.5 |
HIGH
Network
|
rockwellautomation
|
micrologix_1400_b_firmware
|
An exploitable file write vulnerability exists in the memory module functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a file write resu…
|
CWE-200
Information Exposure
|
CVE-2017-12092
|
2024-11-21 12:08 |
2018-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257997
|
8.0 |
HIGH
Adjacent
|
moxa
|
edr-810_firmware
|
An exploitable Weak Cryptography for Passwords vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. An attacker could intercept weakly encrypted passwords and cou…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2017-12129
|
2024-11-21 12:08 |
2018-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257998
|
7.5 |
HIGH
Network
|
moxa
|
edr-810_firmware
|
An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packet can cause information disclosure. An a…
|
CWE-200
Information Exposure
|
CVE-2017-12128
|
2024-11-21 12:08 |
2018-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257999
|
4.4 |
MEDIUM
Local
|
moxa
|
edr-810_firmware
|
A password storage vulnerability exists in the operating system functionality of Moxa EDR-810 V4.1 build 17030317. An attacker with shell access could extract passwords in clear text from the device.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2017-12127
|
2024-11-21 12:08 |
2018-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258000
|
8.8 |
HIGH
Network
|
moxa
|
edr-810_firmware
|
An exploitable cross-site request forgery vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP packet can cause cross-site request forger…
|
CWE-352
Origin Validation Error
|
CVE-2017-12126
|
2024-11-21 12:08 |
2018-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
