|
248181
|
5.5 |
MEDIUM
Local
|
kodi
debian
|
kodi
debian_linux
|
Directory Traversal in Zip Extraction built-in function in Kodi 17.1 and earlier allows arbitrary file write on disk via a Zip file as subtitles.
|
CWE-22
Path Traversal
|
CVE-2017-8314
|
2024-11-21 12:33 |
2017-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248182
|
5.5 |
MEDIUM
Local
|
videolan
|
vlc_media_player
|
Heap out-of-bound read in ParseJSS in VideoLAN VLC before 2.2.5 due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process via …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-8313
|
2024-11-21 12:33 |
2017-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248183
|
5.5 |
MEDIUM
Local
|
videolan
debian
|
vlc_media_player
debian_linux
|
Heap out-of-bound read in ParseJSS in VideoLAN VLC due to missing check of string length allows attackers to read heap uninitialized data via a crafted subtitles file.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-8312
|
2024-11-21 12:33 |
2017-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248184
|
7.8 |
HIGH
Local
|
videolan
|
vlc_media_player
|
Potential heap based buffer overflow in ParseJSS in VideoLAN VLC before 2.2.5 due to skipping NULL terminator in an input string allows attackers to execute arbitrary code via a crafted subtitles fil…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-8311
|
2024-11-21 12:33 |
2017-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248185
|
5.5 |
MEDIUM
Local
|
videolan
|
vlc_media_player
|
Heap out-of-bound read in CreateHtmlSubtitle in VideoLAN VLC 2.2.x due to missing check of string termination allows attackers to read data beyond allocated memory and potentially crash the process (…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-8310
|
2024-11-21 12:33 |
2017-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248186
|
6.5 |
MEDIUM
Local
|
qemu
debian
redhat
|
qemu
debian_linux
openstack
|
Memory leak in the keyboard input event handlers support in QEMU (aka Quick Emulator) allows local guest OS privileged users to cause a denial of service (host memory consumption) by rapidly generati…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-8379
|
2024-11-21 12:33 |
2017-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248187
|
7.5 |
HIGH
Network
|
qemu
debian
redhat
|
qemu
debian_linux
openstack
|
Memory leak in the audio/audio.c in QEMU (aka Quick Emulator) allows remote attackers to cause a denial of service (memory consumption) by repeatedly starting and stopping audio capture.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-8309
|
2024-11-21 12:33 |
2017-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248188
|
7.8 |
HIGH
Local
|
schneider-electric
|
wonderware_indusoft_web_studio
|
An Incorrect Default Permissions issue was discovered in Schneider Electric Wonderware InduSoft Web Studio v8.0 Patch 3 and prior versions. Upon installation, Wonderware InduSoft Web Studio creates a…
|
CWE-276
Incorrect Default Permissions
|
CVE-2017-7968
|
2024-11-21 12:33 |
2017-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248189
|
4.0 |
MEDIUM
Network
|
phoenix_contact_gmbh
|
mguard_firmware
|
An Improper Authentication issue was discovered in Phoenix Contact GmbH mGuard firmware versions 8.3.0 to 8.4.2. An attacker may be able to gain unauthorized access to the user firewall when RADIUS s…
|
CWE-287
Improper Authentication
|
CVE-2017-7937
|
2024-11-21 12:33 |
2017-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
248190
|
7.5 |
HIGH
Network
|
mikrotik
|
routeros
|
A vulnerability in MikroTik Version 6.38.5 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of UDP packets on port 500 (used for L2TP over IPsec), preventing th…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-8338
|
2024-11-21 12:33 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
