|
247251
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possible double free/use after free in the SPS driver when debugfs logging i…
|
CWE-415
Double Free
|
CVE-2017-9686
|
2024-11-21 12:36 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247252
|
7.8 |
HIGH
Local
|
google
|
android
|
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing a meta image, an integer overflow can occur, if user-defined image offse…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2017-9683
|
2024-11-21 12:36 |
2017-10-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247253
|
5.3 |
MEDIUM
Network
|
saia_burgess_controls
|
pcd_controllers_firmware
|
An Information Exposure issue was discovered in Saia Burgess Controls PCD Controllers with PCD firmware versions prior to 1.28.16 or 1.24.69. In certain circumstances, the device pads Ethernet frames…
|
CWE-200
Information Exposure
|
CVE-2017-9628
|
2024-11-21 12:36 |
2017-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247254
|
6.5 |
MEDIUM
Network
|
apache
|
impala
|
In Apache Impala (incubating) before 2.10.0, a malicious user with "ALTER" permissions on an Impala table can access any other Kudu table data by altering the table properties to make it "external" a…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-9792
|
2024-11-21 12:36 |
2017-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247255
|
6.5 |
MEDIUM
Network
|
apache
|
geode
|
When an Apache Geode cluster before v1.2.1 is operating in secure mode, an unauthenticated client can enter multi-user authentication mode and send metadata messages. These metadata operations could …
|
CWE-200
Information Exposure
|
CVE-2017-9797
|
2024-11-21 12:36 |
2017-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247256
|
4.9 |
MEDIUM
Network
|
solarwinds
|
network_performance_monitor
|
The 'Upload logo from external path' function of SolarWinds Network Performance Monitor version 12.0.15300.90 allows remote attackers to cause a denial of service (permanent display of a "Cannot exit…
|
CWE-20
Improper Input Validation
|
CVE-2017-9538
|
2024-11-21 12:36 |
2017-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247257
|
4.8 |
MEDIUM
Network
|
solarwinds
|
network_performance_monitor
|
Persistent cross-site scripting (XSS) in the Add Node function of SolarWinds Network Performance Monitor version 12.0.15300.90 allows remote attackers to introduce arbitrary JavaScript into various v…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9537
|
2024-11-21 12:36 |
2017-10-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247258
|
4.3 |
MEDIUM
Network
|
apache
|
geode
|
When a cluster is operating in secure mode, a user with read privileges for specific data regions can use the gfsh command line utility to execute queries. In Apache Geode before 1.2.1, the query res…
|
CWE-200
Information Exposure
|
CVE-2017-9794
|
2024-11-21 12:36 |
2017-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247259
|
7.5 |
HIGH
Network
|
apache
|
mesos
|
When handling a libprocess message wrapped in an HTTP request, libprocess in Apache Mesos before 1.1.3, 1.2.x before 1.2.2, 1.3.x before 1.3.1, and 1.4.0-dev crashes if the request path is empty, bec…
|
CWE-416
Use After Free
|
CVE-2017-9790
|
2024-11-21 12:36 |
2017-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247260
|
6.1 |
MEDIUM
Network
|
mahara
|
mahara
|
Mahara 15.04 before 15.04.14 and 16.04 before 16.04.8 and 16.10 before 16.10.5 and 17.04 before 17.04.3 are vulnerable to a user submitting potential dangerous payload, e.g. XSS code, to be saved as …
|
CWE-79
Cross-site Scripting
|
CVE-2017-9551
|
2024-11-21 12:36 |
2017-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
