|
250651
|
9.8 |
CRITICAL
Network
|
oneplus
|
oxygenos
|
An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T. The attacker can persistently make the (locked) bootloader start the platform with dm-verity disabled, by issuing the 'fastboot …
|
CWE-269
Improper Privilege Management
|
CVE-2017-5624
|
2024-11-21 12:28 |
2017-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250652
|
9.8 |
CRITICAL
Network
|
cambiumnetworks
|
cnpilot_r200_series_firmware
|
On Cambium Networks cnPilot R200/201 devices before 4.3, there is a vulnerability involving the certificate of the device and its RSA keys, aka RBN-183.
|
NVD-CWE-noinfo
|
CVE-2017-5859
|
2024-11-21 12:28 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250653
|
7.5 |
HIGH
Network
|
unisys
|
clearpath_mcp
|
The TCP/IP networking module in Unisys ClearPath MCP systems with TCP-IP-SW 57.1 before 57.152, 58.1 before 58.142, or 59.1 before 59.172, when running a TLS 1.2 service, allows remote attackers to c…
|
CWE-20
Improper Input Validation
|
CVE-2017-5872
|
2024-11-21 12:28 |
2017-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250654
|
7.5 |
HIGH
Network
|
intel
|
quickassist_technology_engine
|
The RSA-CRT implementation in the Intel QuickAssist Technology (QAT) Engine for OpenSSL versions prior to 0.5.19 may allow remote attackers to obtain private RSA keys by conducting a Lenstra side-cha…
|
NVD-CWE-noinfo
|
CVE-2017-5681
|
2024-11-21 12:28 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250655
|
7.5 |
HIGH
Network
|
syspass
|
syspass
|
An issue was discovered in sysPass 2.x before 2.1, in which an algorithm was never sufficiently reviewed by cryptographers. The fact that inc/SP/Core/Crypt.class is using the MCRYPT_RIJNDAEL_256() fu…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2017-5999
|
2024-11-21 12:28 |
2017-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250656
|
8.0 |
HIGH
Network
|
d-link
|
di-524_firmware
|
Multiple cross-site request forgery (CSRF) vulnerabilities on the D-Link DI-524 Wireless Router with firmware 9.01 allow remote attackers to (1) change the admin password, (2) reboot the device, or (…
|
CWE-352
Origin Validation Error
|
CVE-2017-5633
|
2024-11-21 12:28 |
2017-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250657
|
6.5 |
MEDIUM
Network
|
owncloud
|
owncloud
|
ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows remote authenticated users to cause a denial of service (server hang and logfile flooding) via a o…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-5867
|
2024-11-21 12:28 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250658
|
4.3 |
MEDIUM
Network
|
owncloud
|
owncloud
|
The autocomplete feature in the E-Mail share dialog in ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 allows remote authenticated users to obtain sensit…
|
CWE-200
Information Exposure
|
CVE-2017-5866
|
2024-11-21 12:28 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250659
|
3.7 |
LOW
Network
|
owncloud
|
owncloud
|
The password reset functionality in ownCloud Server before 8.1.11, 8.2.x before 8.2.9, 9.0.x before 9.0.7, and 9.1.x before 9.1.3 sends different error messages depending on whether the username is v…
|
CWE-200
Information Exposure
|
CVE-2017-5865
|
2024-11-21 12:28 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250660
|
7.5 |
HIGH
Network
|
libimobiledevice
|
libplist
|
The plist_free_data function in plist.c in libplist allows attackers to cause a denial of service (crash) via vectors involving an integer node that is treated as a PLIST_KEY and then triggers an inv…
|
CWE-415
Double Free
|
CVE-2017-5836
|
2024-11-21 12:28 |
2017-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
