|
250011
|
6.5 |
MEDIUM
Adjacent
|
philips
|
intellivue_mx40_firmware
|
Certain 802.11 network management messages have been determined to invoke wireless access point blacklisting security defenses when not required, which can necessitate intervention by hospital staff …
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2017-9658
|
2024-11-21 12:36 |
2018-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250012
|
6.5 |
MEDIUM
Adjacent
|
philips
|
intellivue_mx40_firmware
|
Under specific 802.11 network conditions, a partial re-association of the Philips IntelliVue MX40 Version B.06.18 WLAN monitor to the central monitoring station is possible. In this state, the centra…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2017-9657
|
2024-11-21 12:36 |
2018-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250013
|
8.8 |
HIGH
Network
|
philips
|
dosewise
|
The Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069 stores login credentials in clear text within backend system files. CVSS v3 base score: 6.5, CVSS vector string: AV…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2017-9654
|
2024-11-21 12:36 |
2018-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250014
|
9.1 |
CRITICAL
Network
|
philips
|
dosewise
|
The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069 uses hard-coded credentials for a database account with privileges that can affect confidentiality, i…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-9656
|
2024-11-21 12:36 |
2018-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250015
|
9.8 |
CRITICAL
Network
|
mitsubishielectric
|
e-designer
|
Mitsubishi E-Designer, Version 7.52 Build 344 contains six code sections which may be exploited to overwrite the stack. This can result in arbitrary code execution, compromised data integrity, denial…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9638
|
2024-11-21 12:36 |
2018-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250016
|
9.8 |
CRITICAL
Network
|
mitsubishielectric
|
e-designer
|
Mitsubishi E-Designer, Version 7.52 Build 344 contains five code sections which may be exploited to overwrite the heap. This can result in arbitrary code execution, compromised data integrity, denial…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9636
|
2024-11-21 12:36 |
2018-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250017
|
9.8 |
CRITICAL
Network
|
mitsubishielectric
|
e-designer
|
Mitsubishi E-Designer, Version 7.52 Build 344 contains two code sections which may be exploited to allow an attacker to overwrite arbitrary memory locations. This can result in arbitrary code executi…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-9634
|
2024-11-21 12:36 |
2018-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250018
|
8.8 |
HIGH
Network
|
dolibarr
|
dolibarr_erp\/crm
|
Dolibarr ERP/CRM is affected by SQL injection in versions before 5.0.4 via product/stats/card.php (type parameter).
|
CWE-89
SQL Injection
|
CVE-2017-9839
|
2024-11-21 12:36 |
2018-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250019
|
5.4 |
MEDIUM
Network
|
dolibarr
|
dolibarr_erp\/crm
|
Dolibarr ERP/CRM is affected by multiple reflected Cross-Site Scripting (XSS) vulnerabilities in versions before 5.0.4: index.php (leftmenu parameter), core/ajax/box.php (PATH_INFO), product/stats/ca…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9838
|
2024-11-21 12:36 |
2018-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250020
|
7.8 |
HIGH
Local
|
google
|
android
|
The touchscreen driver synaptics_dsx in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-05, the size of a stack-allocated buffer can be set to a value which exceeds the size of th…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9723
|
2024-11-21 12:36 |
2018-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
