|
247641
|
6.1 |
MEDIUM
Network
|
wordpress
debian
|
wordpress
debian_linux
|
In WordPress before 4.7.5, a cross-site scripting (XSS) vulnerability exists when attempting to upload very large files, because the error message does not properly restrict presentation of the filen…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9061
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247642
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial of service (resource consumption) by leveraging improper channel callback shutdown when unmounting an …
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2017-9059
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247643
|
9.8 |
CRITICAL
Network
|
ytnef_project
canonical
|
ytnef
ubuntu_linux
|
In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9058
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247644
|
9.8 |
CRITICAL
Network
|
libdwarf_project
|
libdwarf
|
An issue, also known as DW201703-001, was discovered in libdwarf 2017-03-21. In dwarf_formsdata() a few data types were not checked for being in bounds, leading to a heap-based buffer over-read.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9055
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247645
|
9.8 |
CRITICAL
Network
|
libdwarf_project
|
libdwarf
|
An issue, also known as DW201703-002, was discovered in libdwarf 2017-03-21. In _dwarf_decode_s_leb128_chk() a byte pointer was dereferenced just before it was checked for being in bounds, leading to…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9054
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247646
|
9.1 |
CRITICAL
Network
|
libdwarf_project
|
libdwarf
|
An issue, also known as DW201703-005, was discovered in libdwarf 2017-03-21. A heap-based buffer over-read in _dwarf_read_loc_expr_op() is due to a failure to check a pointer for being in bounds (in …
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9053
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247647
|
9.8 |
CRITICAL
Network
|
libdwarf_project
|
libdwarf
|
An issue, also known as DW201703-006, was discovered in libdwarf 2017-03-21. A heap-based buffer over-read in dwarf_formsdata() is due to a failure to check a pointer for being in bounds (in a few pl…
|
CWE-119
CWE-125
Incorrect Access of Indexable Resource ('Range Error')
Out-of-bounds Read
|
CVE-2017-9052
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247648
|
9.8 |
CRITICAL
Network
|
libav
|
libav
|
libav before 12.1 is vulnerable to an invalid read of size 1 due to NULL pointer dereferencing in the nsv_read_chunk function in libavformat/nsvdec.c.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-9051
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247649
|
7.5 |
HIGH
Network
|
xmlsoft
|
libxml2
|
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictAddString function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, to cra…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9050
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247650
|
7.5 |
HIGH
Network
|
xmlsoft
|
libxml2
|
libxml2 20904-GITv2.9.4-16-g0741801 is vulnerable to a heap-based buffer over-read in the xmlDictComputeFastKey function in dict.c. This vulnerability causes programs that use libxml2, such as PHP, t…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9049
|
2024-11-21 12:35 |
2017-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
