|
252631
|
8.0 |
HIGH
Adjacent
|
tendacn
|
f1200_firmware
fh1202_firmware
f1202_firmware
|
There is a debug-interface vulnerability on some Tenda routers (FH1202/F1202/F1200: versions before 1.2.0.20). After connecting locally to a router in a wired or wireless manner, one can bypass inten…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9138
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252632
|
8.8 |
HIGH
Network
|
mimosa
|
client_radios
backhaul_radios
|
An issue was discovered on Mimosa Client Radios before 2.2.4 and Mimosa Backhaul Radios before 2.2.4. On the backend of the device's web interface, there are some diagnostic tests available that are …
|
CWE-74
Injection
|
CVE-2017-9135
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252633
|
7.5 |
HIGH
Network
|
mimosa
|
backhaul_radios
client_radios
|
An information-leakage issue was discovered on Mimosa Client Radios before 2.2.3 and Mimosa Backhaul Radios before 2.2.3. There is a page in the web interface that will show you the device's serial n…
|
CWE-200
Information Exposure
|
CVE-2017-9134
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252634
|
8.8 |
HIGH
Network
|
mimosa
|
backhaul_radios
client_radios
|
An issue was discovered on Mimosa Client Radios before 2.2.3 and Mimosa Backhaul Radios before 2.2.3. In the device's web interface, after logging in, there is a page that allows you to ping other ho…
|
CWE-74
Injection
|
CVE-2017-9133
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252635
|
7.5 |
HIGH
Network
|
mimosa
|
backhaul_radios
client_radios
|
An issue was discovered on Mimosa Client Radios before 2.2.3 and Mimosa Backhaul Radios before 2.2.3. By connecting to the Mosquitto broker on an access point and one of its clients, an attacker can …
|
CWE-20
Improper Input Validation
|
CVE-2017-9131
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252636
|
9.8 |
CRITICAL
Network
|
php
netapp
|
php
storage_automation_store
clustered_data_ontap
|
The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows attackers to cause a denial of service (memory consumption and application crash) or possibly have unspecified other impact b…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-9119
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252637
|
9.8 |
CRITICAL
Network
|
libtiff
canonical
|
libtiff
ubuntu_linux
|
In LibTIFF 4.0.7, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, leading to a heap-based buffer over-read in bmp…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9117
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252638
|
6.5 |
MEDIUM
Network
|
openexr
|
openexr
|
In OpenEXR 2.2.0, an invalid read of size 1 in the uncompress function in ImfZip.cpp could cause the application to crash.
|
NVD-CWE-noinfo
|
CVE-2017-9116
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252639
|
8.8 |
HIGH
Network
|
openexr
|
openexr
|
In OpenEXR 2.2.0, an invalid write of size 2 in the = operator function in half.h could cause the application to crash or execute arbitrary code.
|
NVD-CWE-noinfo
|
CVE-2017-9115
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252640
|
7.3 |
HIGH
Network
|
ceragon
|
fiberair_ip-10_firmware
|
Ceragon FibeAir IP-10 wireless radios through 7.2.0 have a default password of mateidu for the mateidu account (a hidden user account established by the vendor). This account can be accessed via both…
|
CWE-1188
Insecure Default Initialization of Resource
|
CVE-2017-9137
|
2024-11-21 12:35 |
2017-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
