|
247411
|
5.5 |
MEDIUM
Local
|
gnu
|
gdb
|
GNU Debugger (GDB) 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a …
|
CWE-20
CWE-770
Improper Input Validation
Allocation of Resources Without Limits or Throttling
|
CVE-2017-9778
|
2024-11-21 12:36 |
2017-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247412
|
9.8 |
CRITICAL
Network
|
websitebaker
|
websitebaker
|
install\save.php in WebsiteBaker v2.10.0 allows remote attackers to execute arbitrary PHP code via the database_username, database_host, or database_password parameter.
|
CWE-94
Code Injection
|
CVE-2017-9771
|
2024-11-21 12:36 |
2017-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247413
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.2.7, PROFINET IO data with a high recursion depth allows remote attackers to cause a denial of service (stack exhaustion) in the dissect_IODWriteReq function in plugins/profinet/packet…
|
CWE-674
Uncontrolled Recursion
|
CVE-2017-9766
|
2024-11-21 12:36 |
2017-06-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247414
|
7.5 |
HIGH
Network
|
radare
|
radare2
|
The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before 2013-11-12, as used in shlr/grub/fs/ext2.c in radare2 1.5.0, allows remote attackers to cause a denial of service (excessive stack us…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9763
|
2024-11-21 12:36 |
2017-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247415
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
The cmd_info function in libr/core/cmd_info.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted binary file.
|
CWE-416
Use After Free
|
CVE-2017-9762
|
2024-11-21 12:36 |
2017-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247416
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
The find_eoq function in libr/core/cmd.c in radare2 1.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9761
|
2024-11-21 12:36 |
2017-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247417
|
8.8 |
HIGH
Network
|
zenbership
|
zenbership
|
SQL Injection exists in admin/index.php in Zenbership 1.0.8 via the filters array parameter, exploitable by a privileged account.
|
CWE-89
SQL Injection
|
CVE-2017-9759
|
2024-11-21 12:36 |
2017-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247418
|
8.8 |
HIGH
Network
|
ipfire
|
ipfire
|
IPFire 2.19 has a Remote Command Injection vulnerability in ids.cgi via the OINKCODE parameter, which is mishandled by a shell. This can be exploited directly by authenticated users, or through CSRF.
|
CWE-78
OS Command
|
CVE-2017-9757
|
2024-11-21 12:36 |
2017-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247419
|
9.8 |
CRITICAL
Network
|
dfsol
|
nuevomailer
|
SQL injection vulnerability in rdr.php in nuevoMailer version 6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the "r" parameter.
|
CWE-89
SQL Injection
|
CVE-2017-9730
|
2024-11-21 12:36 |
2017-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247420
|
7.8 |
HIGH
Local
|
gnu
|
binutils
|
The aarch64_ext_ldst_reglist function in opcodes/aarch64-dis.c in GNU Binutils 2.28 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspe…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9756
|
2024-11-21 12:36 |
2017-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
