|
251111
|
7.5 |
HIGH
Network
|
mimosa
|
backhaul_radios
client_radios
|
A hard-coded credentials issue was discovered on Mimosa Client Radios before 2.2.3, Mimosa Backhaul Radios before 2.2.3, and Mimosa Access Points before 2.2.3. These devices run Mosquitto, a lightwei…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-9132
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251112
|
6.5 |
MEDIUM
Network
|
openexr
|
openexr
|
In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cause the application to crash.
|
NVD-CWE-noinfo
|
CVE-2017-9114
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251113
|
8.8 |
HIGH
Network
|
openexr
|
openexr
|
In OpenEXR 2.2.0, an invalid write of size 1 in the bufferedReadPixels function in ImfInputFile.cpp could cause the application to crash or execute arbitrary code.
|
NVD-CWE-noinfo
|
CVE-2017-9113
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251114
|
6.5 |
MEDIUM
Network
|
openexr
|
openexr
|
In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash.
|
NVD-CWE-noinfo
|
CVE-2017-9112
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251115
|
8.8 |
HIGH
Network
|
openexr
|
openexr
|
In OpenEXR 2.2.0, an invalid write of size 8 in the storeSSE function in ImfOptimizedPixelReading.h could cause the application to crash or execute arbitrary code.
|
NVD-CWE-noinfo
|
CVE-2017-9111
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251116
|
6.5 |
MEDIUM
Network
|
openexr
|
openexr
|
In OpenEXR 2.2.0, an invalid read of size 2 in the hufDecode function in ImfHuf.cpp could cause the application to crash.
|
NVD-CWE-noinfo
|
CVE-2017-9110
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251117
|
9.8 |
CRITICAL
Network
|
playsms
|
playsms
|
import.php (aka the Phonebook import feature) in PlaySMS 1.4 allows remote code execution via vectors involving the User-Agent HTTP header and PHP code in the name of a file.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2017-9101
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251118
|
7.3 |
HIGH
Local
|
pmail
|
pegasus
|
winpm-32.exe in Pegasus Mail (aka Pmail) v4.72 build 572 allows code execution via a crafted ssgp.dll file that must be installed locally. For example, if ssgp.dll is on the desktop and executes arbi…
|
CWE-20
Improper Input Validation
|
CVE-2017-9046
|
2024-11-21 12:35 |
2017-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251119
|
7.5 |
HIGH
Network
|
secure-bytes
|
secure_cisco_auditor
|
Secure Bytes Cisco Configuration Manager, as bundled in Secure Bytes Secure Cisco Auditor (SCA) 3.0, has a Directory Traversal issue in its TFTP Server, allowing attackers to read arbitrary files via…
|
CWE-22
Path Traversal
|
CVE-2017-9024
|
2024-11-21 12:35 |
2017-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251120
|
8.8 |
HIGH
Adjacent
|
dlink
|
dir-600m_firmware
|
login.cgi on D-Link DIR-600M devices with firmware 3.04 allows remote attackers to bypass authentication by entering more than 20 blank spaces in the password field during an admin login attempt.
|
CWE-287
Improper Authentication
|
CVE-2017-9100
|
2024-11-21 12:35 |
2017-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
