|
253831
|
5.4 |
MEDIUM
Network
|
metinfo
|
metinfo
|
Cross-site scripting (XSS) vulnerability in MetInfo 5.3.15 allows remote authenticated users to inject arbitrary web script or HTML via the name_2 parameter to admin/column/delete.php.
|
CWE-79
Cross-site Scripting
|
CVE-2017-6878
|
2024-11-21 12:30 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253832
|
8.1 |
HIGH
Network
|
broadcom
|
bcm4339_soc_firmware
|
Stack-based buffer overflow in the firmware in Broadcom Wi-Fi HardMAC SoC chips, when the firmware supports CCKM Fast and Secure Roaming and the feature is enabled in RAM, allows remote attackers to …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-6957
|
2024-11-21 12:30 |
2017-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253833
|
9.8 |
CRITICAL
Network
|
sap
|
gui_for_windows
|
SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended security policy restrictions and execute arbitrary code via a crafted ABAP code, aka SAP Security Note 2407616.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-6950
|
2024-11-21 12:30 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253834
|
6.6 |
MEDIUM
Physics
|
usb_pratirodh_project
|
usb_pratirodh
|
USB Pratirodh is prone to sensitive information disclosure. It stores sensitive information such as username and password in simple usb.xml. An attacker with physical access to the system can modify …
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2017-6911
|
2024-11-21 12:30 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253835
|
9.8 |
CRITICAL
Network
|
usb_pratirodh_project
|
usb_pratirodh
|
USB Pratirodh allows remote attackers to conduct XML External Entity (XXE) attacks via XML data in usb.xml.
|
CWE-611
XXE
|
CVE-2017-6895
|
2024-11-21 12:30 |
2017-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253836
|
9.8 |
CRITICAL
Network
|
alienvault
nfsen
|
ossim
unified_security_management
nfsen
|
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 have an error in privilege dropping and unnecessarily execute the NfSen Perl code as root, aka AlienVault ID ENG-104945, a different vulne…
|
CWE-273
Improper Check for Dropped Privileges
|
CVE-2017-6972
|
2024-11-21 12:30 |
2017-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253837
|
8.8 |
HIGH
Network
|
alienvault
nfsen
|
ossim
unified_security_management
nfsen
|
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow remote authenticated users to execute arbitrary commands in a privileged context, or launch a reverse shell, via vectors involving t…
|
CWE-74
Injection
|
CVE-2017-6971
|
2024-11-21 12:30 |
2017-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253838
|
8.4 |
HIGH
Local
|
alienvault
nfsen
|
ossim
unified_security_management
nfsen
|
AlienVault USM and OSSIM before 5.3.7 and NfSen before 1.3.8 allow local users to execute arbitrary commands in a privileged context via an NfSen socket, aka AlienVault ID ENG-104863.
|
CWE-78
OS Command
|
CVE-2017-6970
|
2024-11-21 12:30 |
2017-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253839
|
5.5 |
MEDIUM
Local
|
audiofile
|
audiofile
|
Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-6839
|
2024-11-21 12:30 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253840
|
5.5 |
MEDIUM
Local
|
audiofile
|
audiofile
|
Integer overflow in sfcommands/sfconvert.c in Audio File Library (aka audiofile) 0.3.6 allows remote attackers to cause a denial of service (crash) via a crafted file.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-6838
|
2024-11-21 12:30 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
