|
253211
|
8.8 |
HIGH
Network
|
dahuasecurity
|
nvr5464-16p-4ks2_firmware
nvr5208-8p-4ks2_firmware
nvr5432-16p-4ks2_firmware
nvr5416-16p-4ks2_firmware
nvr5464-4ks2_firmware
nvr5432-4ks2_firmware
nvr5416-4ks2_firmware
nvr5232-1…
|
Authentication vulnerability found in Dahua NVR models NVR50XX, NVR52XX, NVR54XX, NVR58XX with software before DH_NVR5xxx_Eng_P_V2.616.0000.0.R.20171102. Attacker could exploit this vulnerability to …
|
CWE-287
Improper Authentication
|
CVE-2017-9314
|
2024-11-21 12:35 |
2017-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253212
|
8.8 |
HIGH
Network
|
itextpdf
|
itext
|
The XML parsers in iText before 5.5.12 and 7.x before 7.0.3 do not disable external entities, which might allow remote attackers to conduct XML external entity (XXE) attacks via a crafted PDF.
|
CWE-611
XXE
|
CVE-2017-9096
|
2024-11-21 12:35 |
2017-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253213
|
8.8 |
HIGH
Network
|
barco
|
clickshare_csm-1_firmware
clickshare_csc-1_firmware
|
A command injection was identified on Barco ClickShare Base Unit devices with CSM-1 firmware before 1.7.0.3 and CSC-1 firmware before 1.10.0.10. An attacker with access to the product's web API can e…
|
CWE-78
OS Command
|
CVE-2017-9377
|
2024-11-21 12:35 |
2017-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253214
|
7.5 |
HIGH
Network
|
blackberry
|
workspaces_vapp
workspaces_appliance-x
|
An information disclosure vulnerability in the BlackBerry Workspaces Server could result in an attacker gaining access to source code for server-side applications by crafting a request for specific f…
|
CWE-200
Information Exposure
|
CVE-2017-9368
|
2024-11-21 12:35 |
2017-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253215
|
9.8 |
CRITICAL
Network
|
blackberry
|
workspaces_vapp
workspaces_appliance-x
|
A directory traversal vulnerability in the BlackBerry Workspaces Server could potentially allow an attacker to execute or upload arbitrary files, or reveal the content of arbitrary files anywhere on …
|
CWE-22
Path Traversal
|
CVE-2017-9367
|
2024-11-21 12:35 |
2017-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253216
|
9.8 |
CRITICAL
Network
|
hp
|
operations_orchestration
|
A input validation vulnerability in HPE Operations Orchestration product all versions prior to 10.80, allows for the execution of code remotely.
|
CWE-20
Improper Input Validation
|
CVE-2017-8994
|
2024-11-21 12:35 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253217
|
5.3 |
MEDIUM
Network
|
microfocus
|
bi-directional_driver
|
The Bi-directional driver in IDM 4.5 before 4.0.3.0 could be susceptible to unauthorized log configuration changes.
|
NVD-CWE-noinfo
|
CVE-2017-9273
|
2024-11-21 12:35 |
2017-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253218
|
7.5 |
HIGH
Network
|
microfocus
|
bi-directional_driver
|
The Bi-directional driver in IDM 4.5 before 4.0.3.0 could be susceptible to a denial of service attack.
|
CWE-20
Improper Input Validation
|
CVE-2017-9272
|
2024-11-21 12:35 |
2017-10-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253219
|
9.8 |
CRITICAL
Network
|
microfocus
|
visibroker
|
An out-of-bounds read (CWE-125) vulnerability exists in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerability for further attacks was not assessed.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9283
|
2024-11-21 12:35 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253220
|
9.8 |
CRITICAL
Network
|
microfocus
|
visibroker
|
An integer overflow (CWE-190) led to an out-of-bounds write (CWE-787) on a heap-allocated area, leading to heap corruption in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerabil…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-9282
|
2024-11-21 12:35 |
2017-09-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
