|
265311
|
5.3 |
MEDIUM
Network
|
tryton
|
tryton
|
file_open in Tryton 3.x and 4.x through 4.2.2 allows remote authenticated users with certain permissions to read arbitrary files via a "same root name but with a suffix" attack. NOTE: This vulnerabil…
|
CWE-269
Improper Privilege Management
|
CVE-2017-0360
|
2024-11-21 12:02 |
2017-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265312
|
6.1 |
MEDIUM
Network
|
ibm
|
inotes
|
IBM iNotes 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially lea…
|
CWE-79
Cross-site Scripting
|
CVE-2016-9990
|
2024-11-21 12:02 |
2017-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265313
|
9.8 |
CRITICAL
Network
|
synacor
|
zimbra_collaboration_suite
|
Zimbra Collaboration Suite (ZCS) before 8.7.4 allows remote attackers to conduct XML External Entity (XXE) attacks.
|
CWE-611
XXE
|
CVE-2016-9924
|
2024-11-21 12:02 |
2017-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265314
|
5.5 |
MEDIUM
Local
|
qemu
|
qemu
|
The cirrus_do_copy function in hw/display/cirrus_vga.c in QEMU (aka Quick Emulator), when cirrus graphics mode is VGA, allows local guest OS privileged users to cause a denial of service (divide-by-z…
|
CWE-369
Divide By Zero
|
CVE-2016-9922
|
2024-11-21 12:02 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265315
|
4.4 |
MEDIUM
Local
|
microsoft
|
internet_explorer
|
Microsoft Internet Explorer 11 on Windows 10, 1511, and 1606 and Windows Server 2016 does not enforce cross-domain policies, allowing attackers to access information from one domain and inject it int…
|
CWE-74
Injection
|
CVE-2017-0154
|
2024-11-21 12:02 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265316
|
4.2 |
MEDIUM
Network
|
microsoft
|
edge
|
Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is d…
|
NVD-CWE-noinfo
|
CVE-2017-0140
|
2024-11-21 12:02 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265317
|
4.2 |
MEDIUM
Network
|
microsoft
|
edge
|
Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is d…
|
NVD-CWE-noinfo
|
CVE-2017-0135
|
2024-11-21 12:02 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265318
|
7.5 |
HIGH
Network
|
microsoft
|
internet_explorer
|
The scripting engine in Microsoft Internet Explorer 9 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Script…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-0130
|
2024-11-21 12:02 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265319
|
7.5 |
HIGH
Network
|
microsoft
|
lync_for_mac
|
Microsoft Lync for Mac 2011 fails to properly validate certificates, allowing remote attackers to alter server-client communications, aka "Microsoft Lync for Mac Certificate Validation Vulnerability."
|
CWE-295
Improper Certificate Validation
|
CVE-2017-0129
|
2024-11-21 12:02 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
265320
|
7.5 |
HIGH
Network
|
microsoft
|
edge
|
A remote code execution vulnerability exists in the way affected Microsoft scripting engines render when handling objects in memory in Microsoft browsers. These vulnerabilities could corrupt memory i…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-0151
|
2024-11-21 12:02 |
2017-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
