|
254061
|
9.8 |
CRITICAL
Network
|
dotcms
|
dotcms
|
An issue was discovered in dotCMS through 3.6.1. The findChildrenByFilter() function which is called by the web accessible path /categoriesServlet performs string interpolation and direct SQL query e…
|
CWE-89
SQL Injection
|
CVE-2017-5344
|
2024-11-21 12:27 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254062
|
7.5 |
HIGH
Network
|
fedoraproject
gnu
|
fedora
ed
|
regex.c in GNU ed before 1.14.1 allows attackers to cause a denial of service (crash) via a malformed command, which triggers an invalid free.
|
CWE-416
Use After Free
|
CVE-2017-5357
|
2024-11-21 12:27 |
2017-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254063
|
8.9 |
HIGH
Network
|
abbott
|
merlin\@home_firmware
|
An issue was discovered in St. Jude Medical Merlin@home, versions prior to Version 8.2.2 (RF models: EX1150; Inductive models: EX1100; and Inductive models: EX1100 with MerlinOnDemand capability). Th…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-5149
|
2024-11-21 12:27 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254064
|
7.5 |
HIGH
Network
|
hanwha-security
|
smart_security_manager
|
An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Cross Site Request Forgery vulnerabilities have been identified. The flaws exist within the Redis and…
|
CWE-352
Origin Validation Error
|
CVE-2017-5169
|
2024-11-21 12:27 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254065
|
7.5 |
HIGH
Network
|
hanwha-security
|
smart_security_manager
|
An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Path Traversal vulnerabilities have been identified. The flaws exist within the ActiveMQ Broker servi…
|
CWE-22
Path Traversal
|
CVE-2017-5168
|
2024-11-21 12:27 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254066
|
8.6 |
HIGH
Network
|
binom3
|
universal_multifunctional_electric_power_quality_meter_firmware
|
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Users do not have any option to change their own passwords.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-5167
|
2024-11-21 12:27 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254067
|
9.8 |
CRITICAL
Network
|
binom3
|
universal_multifunctional_electric_power_quality_meter_firmware
|
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. An INFORMATION EXPOSURE flaw can be used to gain privileged access to the device.
|
CWE-200
Information Exposure
|
CVE-2017-5166
|
2024-11-21 12:27 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254068
|
7.6 |
HIGH
Network
|
binom3
|
universal_multifunctional_electric_power_quality_meter_firmware
|
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. There is no CSRF Token generated per page and/or per (sensitive) function. Successful exploitation of this vu…
|
CWE-352
Origin Validation Error
|
CVE-2017-5165
|
2024-11-21 12:27 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254069
|
6.1 |
MEDIUM
Network
|
binom3
|
universal_multifunctional_electric_power_quality_meter_firmware
|
An issue was discovered in BINOM3 Universal Multifunctional Electric Power Quality Meter. Input sent from a malicious client is not properly verified by the server. An attacker can execute arbitrary …
|
CWE-79
Cross-site Scripting
|
CVE-2017-5164
|
2024-11-21 12:27 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254070
|
5.9 |
MEDIUM
Network
|
belden_hirschmann
|
gecko_lite_managed_switch_firmware
|
An issue was discovered in Belden Hirschmann GECKO Lite Managed switch, Version 2.0.00 and prior versions. After an administrator downloads a configuration file, a copy of the configuration file, whi…
|
CWE-22
Path Traversal
|
CVE-2017-5163
|
2024-11-21 12:27 |
2017-02-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
