|
254121
|
8.8 |
HIGH
Network
|
mimosa
|
backhaul_radios
client_radios
|
An issue was discovered on Mimosa Client Radios before 2.2.3 and Mimosa Backhaul Radios before 2.2.3. In the device's web interface, after logging in, there is a page that allows you to ping other ho…
|
CWE-74
Injection
|
CVE-2017-9133
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254122
|
7.5 |
HIGH
Network
|
mimosa
|
backhaul_radios
client_radios
|
An issue was discovered on Mimosa Client Radios before 2.2.3 and Mimosa Backhaul Radios before 2.2.3. By connecting to the Mosquitto broker on an access point and one of its clients, an attacker can …
|
CWE-20
Improper Input Validation
|
CVE-2017-9131
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254123
|
9.8 |
CRITICAL
Network
|
php
netapp
|
php
storage_automation_store
clustered_data_ontap
|
The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows attackers to cause a denial of service (memory consumption and application crash) or possibly have unspecified other impact b…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-9119
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254124
|
9.8 |
CRITICAL
Network
|
libtiff
canonical
|
libtiff
ubuntu_linux
|
In LibTIFF 4.0.7, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, leading to a heap-based buffer over-read in bmp…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9117
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254125
|
6.5 |
MEDIUM
Network
|
openexr
|
openexr
|
In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress function in ImfZip.cpp could cause the application to crash.
|
NVD-CWE-noinfo
|
CVE-2017-9116
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254126
|
8.8 |
HIGH
Network
|
openexr
|
openexr
|
In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function in half.h could cause the application to crash or execute arbitrary code.
|
NVD-CWE-noinfo
|
CVE-2017-9115
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254127
|
7.3 |
HIGH
Network
|
ceragon
|
fiberair_ip-10_firmware
|
Ceragon FibeAir IP-10 wireless radios through 7.2.0 have a default password of mateidu for the mateidu account (a hidden user account established by the vendor). This account can be accessed via both…
|
CWE-1188
Insecure Default Initialization of Resource
|
CVE-2017-9137
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254128
|
7.5 |
HIGH
Network
|
mimosa
|
backhaul_radios
client_radios
|
An issue was discovered on Mimosa Client Radios before 2.2.3. In the device's web interface, there is a page that allows an attacker to use an unsanitized GET parameter to download files from the dev…
|
CWE-327
CWE-522
CWE-732
Use of a Broken or Risky Cryptographic Algorithm
Insufficiently Protected Credentials
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-9136
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254129
|
7.5 |
HIGH
Network
|
mimosa
|
backhaul_radios
client_radios
|
A hard-coded credentials issue was discovered on Mimosa Client Radios before 2.2.3, Mimosa Backhaul Radios before 2.2.3, and Mimosa Access Points before 2.2.3. These devices run Mosquitto, a lightwei…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-9132
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254130
|
6.5 |
MEDIUM
Network
|
openexr
|
openexr
|
In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cause the application to crash.
|
NVD-CWE-noinfo
|
CVE-2017-9114
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
