|
255061
|
7.8 |
HIGH
Local
|
gnu
|
binutils
|
The _bfd_elf_parse_gnu_properties function in elf-properties.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not prevent negative pointers, whi…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-16829
|
2024-11-21 12:17 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255062
|
7.8 |
HIGH
Local
|
gnu
|
binutils
|
The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (integer overflow and heap-based buffer over-read, and application crash) or p…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-16828
|
2024-11-21 12:17 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255063
|
7.8 |
HIGH
Local
|
gnu
|
binutils
|
The aout_get_external_symbols function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-16827
|
2024-11-21 12:17 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255064
|
7.8 |
HIGH
Local
|
gnu
|
binutils
|
The coff_slurp_line_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-16826
|
2024-11-21 12:17 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255065
|
5.4 |
MEDIUM
Network
|
b3log
|
symphony
|
b3log Symphony (aka Sym) 2.2.0 has XSS in processor/AdminProcessor.java in the admin console, as demonstrated by a crafted X-Forwarded-For HTTP header that is mishandled during display of a client IP…
|
CWE-79
Cross-site Scripting
|
CVE-2017-16821
|
2024-11-21 12:17 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255066
|
9.8 |
CRITICAL
Network
|
collectd
|
collectd
|
The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is susceptible to a double free in a certain error case, which could lead to a crash (or potentially have other imp…
|
CWE-415
Double Free
|
CVE-2017-16820
|
2024-11-21 12:17 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255067
|
6.1 |
MEDIUM
Network
|
snapcreek
|
duplicator
|
installer.php in the Snap Creek Duplicator (WordPress Site Migration & Backup) plugin before 1.2.30 for WordPress has XSS because the values "url_new" (/wp-content/plugins/duplicator/installer/build/…
|
CWE-79
Cross-site Scripting
|
CVE-2017-16815
|
2024-11-21 12:17 |
2017-11-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255068
|
5.4 |
MEDIUM
Network
|
octopus
|
octopus_deploy
|
Cross-site scripting (XSS) vulnerability in the All Variables tab in Octopus Deploy 3.4.0-3.13.6 (fixed in 3.13.7) allows remote attackers to inject arbitrary web script or HTML via the Variable Set …
|
CWE-79
Cross-site Scripting
|
CVE-2017-16810
|
2024-11-21 12:17 |
2017-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255069
|
5.5 |
MEDIUM
Local
|
tcpdump
|
tcpdump
|
tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-16808
|
2024-11-21 12:17 |
2017-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255070
|
5.4 |
MEDIUM
Network
|
getkirby
|
panel
|
A cross-site Scripting (XSS) vulnerability in Kirby Panel before 2.3.3, 2.4.x before 2.4.2, and 2.5.x before 2.5.7 exists when displaying a specially prepared SVG document that has been uploaded as a…
|
CWE-79
Cross-site Scripting
|
CVE-2017-16807
|
2024-11-21 12:17 |
2017-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
