|
247691
|
7.5 |
HIGH
Network
|
microfocus
|
visibroker
|
An integer overflow (CWE-190) potentially causing an out-of-bounds read (CWE-125) vulnerability in Micro Focus VisiBroker 8.5 can lead to a denial of service.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-9281
|
2024-11-21 12:35 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247692
|
8.8 |
HIGH
Network
|
openwebif_project
|
openwebif
|
OpenWebif 1.2.5 allows remote code execution via a URL to the CallOPKG function in the IpkgController class in plugin/controllers/ipkg.py, when the URL refers to an attacker-controlled web site with …
|
CWE-20
Improper Input Validation
|
CVE-2017-9333
|
2024-11-21 12:35 |
2017-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247693
|
9.8 |
CRITICAL
Network
|
terra-master
|
terramaster_operating_system
|
Shell metacharacter injection vulnerability in /usr/www/include/ajax/GetTest.php in TerraMaster TOS before 3.0.34 leads to remote code execution as root.
|
CWE-78
OS Command
|
CVE-2017-9328
|
2024-11-21 12:35 |
2017-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247694
|
5.5 |
MEDIUM
Local
|
divinglog
|
diving_log
|
XXE in Diving Log 6.0 allows attackers to remotely view local files through a crafted dive.xml file that is mishandled during a Subsurface import.
|
CWE-611
XXE
|
CVE-2017-9095
|
2024-11-21 12:35 |
2017-09-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247695
|
8.8 |
HIGH
Network
|
blackberry
|
workspaces
|
An information disclosure / elevation of privilege vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker who has legitimate access to BlackBerry Workspaces to gain acc…
|
CWE-287
Improper Authentication
|
CVE-2017-9370
|
2024-11-21 12:35 |
2017-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247696
|
7.8 |
HIGH
Local
|
sierrawireless
|
sierra_wireless_em7455_software
sierra_wireless_location_sensor_driver
sierra_wireless_em7345_software
|
Multiple unquoted service path vulnerabilities in Sierra Wireless Windows Mobile Broadband Driver Package (MBDP) with build ID < 4657 allows local users to launch processes with elevated privileges.
|
CWE-428
Unquoted Search Path or Element
|
CVE-2017-9247
|
2024-11-21 12:35 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247697
|
6.1 |
MEDIUM
Network
|
trello
|
trello
|
Cross-site scripting (XSS) vulnerability in the Trello app before 4.0.8 for iOS might allow remote attackers to inject arbitrary web script or HTML by uploading and attaching a crafted photo to a Car…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9244
|
2024-11-21 12:35 |
2017-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247698
|
5.5 |
MEDIUM
Local
|
surina
|
soundtouch
|
The TDStretchSSE::calcCrossCorr function in source/SoundTouch/sse_optimized.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application c…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9260
|
2024-11-21 12:35 |
2017-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247699
|
5.5 |
MEDIUM
Local
|
surina
|
soundtouch
|
The TDStretch::acceptNewOverlapLength function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (memory allocation error and application cra…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-9259
|
2024-11-21 12:35 |
2017-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247700
|
5.5 |
MEDIUM
Local
|
surina
|
soundtouch
|
The TDStretch::processSamples function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted wa…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-9258
|
2024-11-21 12:35 |
2017-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
