Total
309433 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-11580 | 1 Blipcare | 2 Wi-fi Blood Pressure Monitor, Wi-fi Blood Pressure Monitor Firmware | 2024-11-21 | 6.1 MEDIUM | 6.5 MEDIUM |
| Blipcare Wifi blood pressure monitor BP700 10.1 devices allow memory corruption that results in Denial of Service. When connected to the "Blip" open wireless connection provided by the device, if a large string is sent as a part of the HTTP request in any part of the HTTP headers, the device could become completely unresponsive. Presumably this happens as the memory footprint provided to this device is very small. According to the specs from Rezolt, the Wi-Fi module only has 256k of memory. As a result, an incorrect string copy operation using either memcpy, strcpy, or any of their other variants could result in filling up the memory space allocated to the function executing and this would result in memory corruption. To test the theory, one can modify the demo application provided by the Cypress WICED SDK and introduce an incorrect "memcpy" operation and use the compiled application on the evaluation board provided by Cypress semiconductors with exactly the same Wi-Fi SOC. The results were identical where the device would completely stop responding to any of the ping or web requests. | |||||
| CVE-2017-11579 | 1 Blipcare | 2 Wi-fi Blood Pressure Monitor, Wi-fi Blood Pressure Monitor Firmware | 2024-11-21 | 4.8 MEDIUM | 7.1 HIGH |
| In the most recent firmware for Blipcare, the device provides an open Wireless network called "Blip" for communicating with the device. The user connects to this open Wireless network and uses the web management interface of the device to provide the user's Wi-Fi credentials so that the device can connect to it and have Internet access. This device acts as a Wireless Blood pressure monitor and is used to measure blood pressure levels of a person. This allows an attacker who is in vicinity of Wireless signal generated by the Blipcare device to easily sniff the credentials. Also, an attacker can connect to the open wireless network "Blip" exposed by the device and modify the HTTP response presented to the user by the device to execute other attacks such as convincing the user to download and execute a malicious binary that would infect a user's computer or mobile device with malware. | |||||
| CVE-2017-11578 | 1 Blipcare | 2 Wi-fi Blood Pressure Monitor, Wi-fi Blood Pressure Monitor Firmware | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| It was discovered as a part of the research on IoT devices in the most recent firmware for Blipcare device that the device allows to connect to web management interface on a non-SSL connection using plain text HTTP protocol. The user uses the web management interface of the device to provide the user's Wi-Fi credentials so that the device can connect to it and have Internet access. This device acts as a Wireless Blood pressure monitor and is used to measure blood pressure levels of a person. This allows an attacker who is connected to the Blipcare's device wireless network to easily sniff these values using a MITM attack. | |||||
| CVE-2017-11564 | 1 Dlink | 2 Eyeon Baby Monitor, Eyeon Baby Monitor Firmware | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| The D-Link EyeOn Baby Monitor (DCS-825L) 1.08.1 has multiple command injection vulnerabilities in the web service framework. An attacker can forge malicious HTTP requests to execute commands; authentication is required before executing the attack. | |||||
| CVE-2017-11563 | 1 Dlink | 2 Eyeon Baby Monitor, Eyeon Baby Monitor Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link EyeOn Baby Monitor (DCS-825L) 1.08.1 has a remote code execution vulnerability. A UDP "Discover" service, which provides multiple functions such as changing the passwords and getting basic information, was installed on the device. A remote attacker can send a crafted UDP request to finderd to perform stack overflow and execute arbitrary code with root privilege on the device. | |||||
| CVE-2017-11561 | 1 Zohocorp | 1 Manageengine Opmanager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in ZOHO ManageEngine OpManager 12.2. An authenticated user can upload any file they want to share in the "Group Chat" or "Alarm" section. This functionality can be abused by a malicious user by uploading a web shell. | |||||
| CVE-2017-11560 | 1 Zohocorp | 1 Manageengine Opmanager | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| An issue was discovered in ZOHO ManageEngine OpManager 12.2. By adding a Google Map to the application, an authenticated user can upload an HTML file. This HTML file is then rendered in various locations of the application. JavaScript inside the uploaded HTML is also interpreted by the application. Thus, an attacker can inject a malicious JavaScript payload inside the HTML file and upload it to the application. | |||||
| CVE-2017-11559 | 1 Zohocorp | 1 Manageengine Opmanager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in ZOHO ManageEngine OpManager 12.2. The 'apiKey' parameter of "/api/json/admin/getmailserversettings" and "/api/json/dashboard/gotoverviewlist" is vulnerable to a Blind SQL Injection attack. | |||||
| CVE-2017-11557 | 1 Zohocorp | 1 Manageengine Applications Manager | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in ZOHO ManageEngine Applications Manager 12.3. It is possible for an unauthenticated user to view the list of domain names and usernames used in a company's network environment via a userconfiguration.do?method=editUser request. | |||||
| CVE-2017-11510 | 1 Wanscam | 2 Hw0021, Hw0021 Firmware | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| An information leak exists in Wanscam's HW0021 network camera that allows an unauthenticated remote attacker to recover the administrator username and password via an ONVIF GetSnapshotUri request. | |||||
| CVE-2017-11509 | 2 Debian, Firebirdsql | 2 Debian Linux, Firebird | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement. | |||||
| CVE-2017-11430 | 1 Omniauth | 1 Omniauth Saml | 2024-11-21 | 7.5 HIGH | 7.7 HIGH |
| OmniAuth OmnitAuth-SAML 1.9.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers. | |||||
| CVE-2017-11429 | 1 Clever | 1 Saml2-js | 2024-11-21 | 7.5 HIGH | 7.7 HIGH |
| Clever saml2-js 2.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers. | |||||
| CVE-2017-11428 | 1 Onelogin | 1 Ruby-saml | 2024-11-21 | 7.5 HIGH | 7.7 HIGH |
| OneLogin Ruby-SAML 1.6.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers. | |||||
| CVE-2017-11427 | 1 Onelogin | 1 Pythonsaml | 2024-11-21 | 7.5 HIGH | 7.7 HIGH |
| OneLogin PythonSAML 2.3.0 and earlier may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers. | |||||
| CVE-2017-11398 | 1 Trendmicro | 1 Smart Protection Server | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A session hijacking via log disclosure vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an unauthenticated attacker to hijack active user sessions to perform authenticated requests on a vulnerable system. | |||||
| CVE-2017-11365 | 1 Sensiolabs | 1 Symfony | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Certain Symfony products are affected by: Incorrect Access Control. This affects Symfony 2.7.30 and Symfony 2.8.23 and Symfony 3.2.10 and Symfony 3.3.3. The type of exploitation is: remote. The component is: Password validator. | |||||
| CVE-2017-11308 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2017-11307 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2017-11306 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Acrobat and Reader versions 2017.012.20098 and earlier, 2017.011.30066 and earlier, 2015.006.30355 and earlier, 11.0.22 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||