|
247771
|
8.8 |
HIGH
Network
|
getvera
|
veraedge_firmware
veralite_firmware
|
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides UPnP services that are available on port 3480 and can also be accessed via port 80 using the url "/po…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9391
|
2024-11-21 12:36 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247772
|
6.1 |
MEDIUM
Network
|
getvera
|
veraedge_firmware
veralite_firmware
|
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a shell script called connect.sh which is supposed to return a specific cookie for the user when the …
|
CWE-79
Cross-site Scripting
|
CVE-2017-9390
|
2024-11-21 12:36 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247773
|
8.8 |
HIGH
Network
|
getvera
|
veraedge_firmware
veralite_firmware
|
An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a web user interface that allows a user to manage the device. As a part of the functionality the devi…
|
CWE-287
Improper Authentication
|
CVE-2017-9389
|
2024-11-21 12:36 |
2019-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247774
|
6.1 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).
|
CWE-79
Cross-site Scripting
|
CVE-2017-9808
|
2024-11-21 12:36 |
2019-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247775
|
5.3 |
MEDIUM
Network
|
open-xchange
|
open-xchange_appsuite
|
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Information Exposure.
|
CWE-200
Information Exposure
|
CVE-2017-9809
|
2024-11-21 12:36 |
2019-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247776
|
9.8 |
CRITICAL
Network
|
marel
|
pluto1203
pluto2
|
Systems using the Marel Food Processing Systems Pluto platform do not restrict remote access. Marel has created an update for Pluto-based applications. This update will restrict remote access by impl…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-9626
|
2024-11-21 12:36 |
2019-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247777
|
7.5 |
HIGH
Network
|
secure-endpoints
|
kerberised_netcat
|
The read_packet function in knc (Kerberised NetCat) before 1.11-1 is vulnerable to denial of service (memory exhaustion) that can be exploited remotely without authentication, possibly affecting anot…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-9732
|
2024-11-21 12:36 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247778
|
7.8 |
HIGH
Local
|
google
|
android
|
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, There is no synchronization between msm_vb2 buffer operations which can lead to use after fr…
|
CWE-416
Use After Free
|
CVE-2017-9704
|
2024-11-21 12:36 |
2018-12-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247779
|
9.8 |
CRITICAL
Network
|
npci
|
bharat_interface_for_money_\(bhim\)
|
The National Payments Corporation of India BHIM application 1.3 for Android relies on three hardcoded strings (AK-NPCIMB, IM-NPCIBM, and VK-NPCIBM) for SMS validation, which makes it easier for attac…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-9821
|
2024-11-21 12:36 |
2018-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247780
|
9.8 |
CRITICAL
Network
|
npci
|
bharat_interface_for_money_\(bhim\)
|
The National Payments Corporation of India BHIM application 1.3 for Android uses a custom keypad for which the input element is available to the Accessibility service, which makes it easier for attac…
|
CWE-287
Improper Authentication
|
CVE-2017-9820
|
2024-11-21 12:36 |
2018-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
