|
257411
|
7.5 |
HIGH
Network
|
scubez
|
posty_readymade_classifieds
|
Scubez Posty Readymade Classifieds has SQL Injection via the admin/user_activate_submit.php ID parameter.
|
CWE-89
SQL Injection
|
CVE-2017-17567
|
2024-11-21 12:18 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257412
|
7.5 |
HIGH
Network
|
mikrotik
|
router_firmware
|
MikroTik v6.40.5 devices allow remote attackers to cause a denial of service via a flood of ICMP packets.
|
NVD-CWE-noinfo
|
CVE-2017-17538
|
2024-11-21 12:18 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257413
|
7.8 |
HIGH
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) or gain host OS privileges in shadow mode by mapping a certain auxiliary page.
|
NVD-CWE-noinfo
|
CVE-2017-17566
|
2024-11-21 12:18 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257414
|
5.6 |
MEDIUM
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x allowing PV guest OS users to cause a denial of service (host OS crash) if shadow mode and log-dirty mode are in place, because of an incorrect assertion …
|
CWE-20
Improper Input Validation
|
CVE-2017-17565
|
2024-11-21 12:18 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257415
|
7.8 |
HIGH
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging incorrect error handling for reference count…
|
CWE-388
7PK - Errors
|
CVE-2017-17564
|
2024-11-21 12:18 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257416
|
7.8 |
HIGH
Local
|
xen
|
xen
|
An issue was discovered in Xen through 4.9.x allowing guest OS users to cause a denial of service (host OS crash) or gain host OS privileges by leveraging an incorrect mask for reference-count overfl…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-17563
|
2024-11-21 12:18 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257417
|
7.2 |
HIGH
Network
|
seacms_project
|
seacms
|
SeaCMS 6.56 allows remote authenticated administrators to execute arbitrary PHP code via a crafted token field to admin/admin_ping.php, which interacts with data/admin/ping.php.
|
NVD-CWE-noinfo
|
CVE-2017-17561
|
2024-11-21 12:18 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257418
|
9.8 |
CRITICAL
Network
|
westerndigital
|
my_cloud_pr4100_firmware
|
An issue was discovered on Western Digital MyCloud PR4100 2.30.172 devices. The web administration component, /web/jquery/uploader/multi_uploadify.php, provides multipart upload functionality that is…
|
CWE-287
Improper Authentication
|
CVE-2017-17560
|
2024-11-21 12:18 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257419
|
6.6 |
MEDIUM
Physics
|
linux
suse
|
linux_kernel
linux_enterprise_server
|
The usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem in the Linux kernel through 4.14.5 does not consider the maximum number of configurations and interfaces …
|
CWE-787
Out-of-bounds Write
|
CVE-2017-17558
|
2024-11-21 12:18 |
2017-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257420
|
6.5 |
MEDIUM
Network
|
aubio
ffmpeg
|
aubio
ffmpeg
libswresample
|
The swri_audio_convert function in audioconvert.c in FFmpeg libswresample through 3.0.101, as used in FFmpeg 3.4.1, aubio 0.4.6, and other products, allows remote attackers to cause a denial of servi…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-17555
|
2024-11-21 12:18 |
2017-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
