|
257831
|
5.6 |
MEDIUM
Network
|
prominent
|
multiflex_m10a_controller_firmware
|
An Insufficient Session Expiration issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The user's session is available for an extended period beyond the last activity, allowing…
|
CWE-613
Insufficient Session Expiration
|
CVE-2017-14007
|
2024-11-21 12:11 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257832
|
8.8 |
HIGH
Network
|
prominent
|
multiflex_m10a_controller_firmware
|
An Unverified Password Change issue was discovered in ProMinent MultiFLEX M10a Controller web interface. When setting a new password for a user, the application does not require the user to know the …
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2017-14005
|
2024-11-21 12:11 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257833
|
9.8 |
CRITICAL
Network
|
we-con
|
levi_studio_hmi_editor
|
A Stack-based Buffer Overflow issue was discovered in WECON LEVI Studio HMI Editor v1.8.1 and prior. Multiple stack-based buffer overflow vulnerabilities have been identified in which the application…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-13999
|
2024-11-21 12:11 |
2017-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257834
|
9.8 |
CRITICAL
Network
|
lavalink
|
ether-serial_link_firmware
|
An Authentication Bypass by Spoofing issue was discovered in LAVA Ether-Serial Link (ESL) running firmware versions 6.01.00/29.03.2007 and prior versions. An improper authentication vulnerability has…
|
CWE-287
Improper Authentication
|
CVE-2017-14003
|
2024-11-21 12:11 |
2017-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257835
|
7.1 |
HIGH
Local
|
x.org
|
libxfont
|
In the pcfGetProperties function in bitmap/pcfread.c in libXfont through 1.5.2 and 2.x before 2.0.2, a missing boundary check (for PCF files) could be used by local attackers authenticated to an Xser…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-13722
|
2024-11-21 12:11 |
2017-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257836
|
7.1 |
HIGH
Local
|
x.org
|
libxfont
|
In the PatternMatch function in fontfile/fontdir.c in libXfont through 1.5.2 and 2.x before 2.0.2, an attacker with access to an X connection can cause a buffer over-read during pattern matching of f…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-13720
|
2024-11-21 12:11 |
2017-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257837
|
4.2 |
MEDIUM
Adjacent
|
symantec
|
encryption_desktop
|
A denial of service (DoS) attack in Symantec Encryption Desktop before SED 10.4.1 MP2HF1 allows remote attackers to make a particular machine or network resource unavailable to its intended users by …
|
NVD-CWE-noinfo
|
CVE-2017-13679
|
2024-11-21 12:11 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257838
|
4.2 |
MEDIUM
Adjacent
|
symantec
|
endpoint_encryption
|
A denial of service (DoS) attack in Symantec Endpoint Encryption before SEE 11.1.3HF2 allows remote attackers to make a particular machine or network resource unavailable to its intended users by tem…
|
NVD-CWE-noinfo
|
CVE-2017-13675
|
2024-11-21 12:11 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257839
|
9.9 |
CRITICAL
Network
|
lansweeper
|
lansweeper
|
XML external entity (XXE) vulnerability in the import package functionality of the deployment module in Lansweeper before 6.0.100.67 allows remote authenticated users to obtain sensitive information,…
|
CWE-611
XXE
|
CVE-2017-13706
|
2024-11-21 12:11 |
2017-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257840
|
7.8 |
HIGH
Local
|
x.org
debian
|
xorg-server
debian_linux
|
In X.Org Server (aka xserver and xorg-server) before 1.19.4, a local attacker authenticated to the X server could overflow a global buffer, causing crashes of the X server or potentially other proble…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-13723
|
2024-11-21 12:11 |
2017-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
