|
256771
|
9.8 |
CRITICAL
Network
|
codesys
|
web_server
|
An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualizati…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2017-6027
|
2024-11-21 12:28 |
2017-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256772
|
9.8 |
CRITICAL
Network
|
codesys
|
web_server
|
A Stack Buffer Overflow issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualizatio…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6025
|
2024-11-21 12:28 |
2017-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256773
|
7.3 |
HIGH
Local
|
leao_consultoria_e_desenvolvimento_de_sistemas
|
ltda_me_laquis_scada
|
An Improper Access Control issue was discovered in LCDS - Leao Consultoria e Desenvolvimento de Sistemas LTDA ME LAquis SCADA. The following versions are affected: Versions 4.1 and prior versions rel…
|
NVD-CWE-noinfo
|
CVE-2017-6016
|
2024-11-21 12:28 |
2017-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256774
|
6.5 |
MEDIUM
Network
|
apache
|
ambari
|
In Ambari 2.2.2 through 2.4.2 and Ambari 2.5.0, sensitive data may be stored on disk in temporary files on the Ambari Server host. The temporary files are readable by any user authenticated on the ho…
|
CWE-200
Information Exposure
|
CVE-2017-5655
|
2024-11-21 12:28 |
2017-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256775
|
7.5 |
HIGH
Network
|
apache
|
ambari
|
In Ambari 2.4.x (before 2.4.3) and Ambari 2.5.0, an authorized user of the Ambari Hive View may be able to gain unauthorized read access to files on the host where the Ambari server executes.
|
CWE-91
Blind XPath Injection
|
CVE-2017-5654
|
2024-11-21 12:28 |
2017-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256776
|
5.9 |
MEDIUM
Network
|
oneplus
|
oxygenos
|
An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. OxygenOS and HydrogenOS are vulnerable to downgrade attacks. This is due to a lenient 'updater-script' in OTAs that does not check tha…
|
CWE-20
Improper Input Validation
|
CVE-2017-5948
|
2024-11-21 12:28 |
2017-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256777
|
7.5 |
HIGH
Network
|
asus
|
rt-ac1750_firmware
|
ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 allow JSONP Information Disclosure such as a network map.
|
CWE-200
Information Exposure
|
CVE-2017-5892
|
2024-11-21 12:28 |
2017-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256778
|
8.8 |
HIGH
Network
|
asus
|
rt-ac1750_firmware
|
ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 have Login Page CSRF and Save Settings CSRF.
|
CWE-352
Origin Validation Error
|
CVE-2017-5891
|
2024-11-21 12:28 |
2017-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256779
|
7.0 |
HIGH
Local
|
blftech
|
visualview_hmi
|
An Uncontrolled Search Path Element issue was discovered in BLF-Tech LLC VisualView HMI Version 9.9.14.0 and prior. The uncontrolled search path element vulnerability has been identified, which may a…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2017-6051
|
2024-11-21 12:28 |
2017-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256780
|
8.8 |
HIGH
Network
|
certec_edv_gmbh
|
atvise_scada
|
A Header Injection issue was discovered in Certec EDV GmbH atvise scada prior to Version 3.0. An "improper neutralization of HTTP headers for scripting syntax" issue has been identified, which may al…
|
CWE-74
Injection
|
CVE-2017-6031
|
2024-11-21 12:28 |
2017-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
