|
247181
|
6.1 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).
|
CWE-79
Cross-site Scripting
|
CVE-2017-9808
|
2024-11-21 12:36 |
2019-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247182
|
5.3 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Information Exposure.
|
CWE-200
Information Exposure
|
CVE-2017-9809
|
2024-11-21 12:36 |
2019-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247183
|
9.8 |
CRITICAL
Network
|
marel
|
pluto1203
pluto2
|
Systems using the Marel Food Processing Systems Pluto platform do not restrict remote access. Marel has created an update for Pluto-based applications. This update will restrict remote access by impl…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-9626
|
2024-11-21 12:36 |
2019-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247184
|
7.5 |
HIGH
Network
|
secure-endpoints
|
kerberised_netcat
|
The read_packet function in knc (Kerberised NetCat) before 1.11-1 is vulnerable to denial of service (memory exhaustion) that can be exploited remotely without authentication, possibly affecting anot…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-9732
|
2024-11-21 12:36 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247185
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, There is no synchronization between msm_vb2 buffer operations which can lead to use after fr…
|
CWE-416
Use After Free
|
CVE-2017-9704
|
2024-11-21 12:36 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247186
|
9.8 |
CRITICAL
Network
|
npci
|
bharat_interface_for_money_\(bhim\)
|
The National Payments Corporation of India BHIM application 1.3 for Android relies on three hardcoded strings (AK-NPCIMB, IM-NPCIBM, and VK-NPCIBM) for SMS validation, which makes it easier for attac…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-9821
|
2024-11-21 12:36 |
2018-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247187
|
9.8 |
CRITICAL
Network
|
npci
|
bharat_interface_for_money_\(bhim\)
|
The National Payments Corporation of India BHIM application 1.3 for Android uses a custom keypad for which the input element is available to the Accessibility service, which makes it easier for attac…
|
CWE-287
Improper Authentication
|
CVE-2017-9820
|
2024-11-21 12:36 |
2018-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247188
|
9.8 |
CRITICAL
Network
|
npci
|
bharat_interface_for_money_\(bhim\)
|
The National Payments Corporation of India BHIM application 1.3 for Android does not properly restrict use of the OTP feature, which makes it easier for attackers to bypass authentication.
|
CWE-287
Improper Authentication
|
CVE-2017-9819
|
2024-11-21 12:36 |
2018-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247189
|
7.5 |
HIGH
Network
|
npci
|
bharat_interface_for_money_\(bhim\)
|
The National Payments Corporation of India BHIM application 1.3 for Android relies on a four-digit passcode, which makes it easier for attackers to obtain access.
|
CWE-521
Weak Password Requirements
|
CVE-2017-9818
|
2024-11-21 12:36 |
2018-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247190
|
8.8 |
HIGH
Network
|
osisoft
|
pi_coresight
|
PI Coresight 2016 R2 contains a cross-site request forgery vulnerability that may allow access to the PI system. OSIsoft recommends that users upgrade to PI Vision 2017 or greater to mitigate this vu…
|
CWE-352
Origin Validation Error
|
CVE-2017-9641
|
2024-11-21 12:36 |
2018-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
