|
254721
|
7.2 |
HIGH
Network
|
fortinet
|
fortiwlc-sd
|
An escalation of privilege vulnerability in Fortinet FortiWLC-SD versions 8.2.4 and below allows attacker to gain root access via the CLI command 'copy running-config'.
|
CWE-20
Improper Input Validation
|
CVE-2017-3134
|
2024-11-21 12:24 |
2017-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254722
|
6.1 |
MEDIUM
Network
|
fortinet
|
fortiweb
|
A Cross-Site Scripting vulnerability in Fortinet FortiWeb versions 5.7.1 and below allows attacker to execute unauthorized code or commands via an improperly sanitized POST parameter in the FortiWeb …
|
CWE-79
Cross-site Scripting
|
CVE-2017-3129
|
2024-11-21 12:24 |
2017-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254723
|
6.1 |
MEDIUM
Network
|
fortinet
|
fortianalyzer_firmware
fortimanager_firmware
|
An Open Redirect vulnerability in Fortinet FortiAnalyzer 5.4.0 through 5.4.2 and FortiManager 5.4.0 through 5.4.2 allows attacker to execute unauthorized code or commands via the next parameter.
|
CWE-601
Open Redirect
|
CVE-2017-3126
|
2024-11-21 12:24 |
2017-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254724
|
8.1 |
HIGH
Network
|
zabbix
|
zabbix
|
An exploitable code execution vulnerability exists in the trapper command functionality of Zabbix Server 2.4.X. A specially crafted set of packets can cause a command injection resulting in remote co…
|
CWE-78
OS Command
|
CVE-2017-2824
|
2024-11-21 12:24 |
2017-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254725
|
7.8 |
HIGH
Local
|
poweriso
|
poweriso
|
A use-after-free vulnerability exists in the .ISO parsing functionality of PowerISO 6.8. A specially crafted .ISO file can cause a vulnerability resulting in potential code execution. An attacker can…
|
CWE-416
Use After Free
|
CVE-2017-2823
|
2024-11-21 12:24 |
2017-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254726
|
7.8 |
HIGH
Local
|
hancom
|
thinkfree_office_neo
hangul_word_processor
|
An exploitable heap-based buffer overflow exists in the Hangul Word Processor component (version 9.6.1.4350) of Hancom Thinkfree Office NEO 9.6.1.4902. A specially crafted document stream can cause a…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-2819
|
2024-11-21 12:24 |
2017-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254727
|
7.8 |
HIGH
Local
|
poweriso
|
poweriso
|
A stack buffer overflow vulnerability exists in the ISO parsing functionality of Power Software Ltd PowerISO 6.8. A specially crafted ISO file can cause a vulnerability resulting in potential code ex…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-2817
|
2024-11-21 12:24 |
2017-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254728
|
9.8 |
CRITICAL
Network
|
botan_project
|
botan
|
A programming error exists in a way Randombit Botan cryptographic library version 2.0.1 implements x500 string comparisons which could lead to certificate verification issues and abuse. A specially c…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-2801
|
2024-11-21 12:24 |
2017-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254729
|
9.8 |
CRITICAL
Network
|
wolfssl
|
wolfssl
|
A specially crafted x509 certificate can cause a single out of bounds byte overwrite in wolfSSL through 3.10.2 resulting in potential certificate validation vulnerabilities, denial of service and pos…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-2800
|
2024-11-21 12:24 |
2017-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254730
|
7.8 |
HIGH
Local
|
marklogic
|
marklogic
|
An exploitable heap corruption vulnerability exists in the AddSst functionality of Antenna House DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted XLS file can cause a heap corruption re…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-2799
|
2024-11-21 12:24 |
2017-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
