|
252611
|
6.5 |
MEDIUM
Network
|
piwigo
|
piwigo
|
The application Piwigo is affected by an SQL injection vulnerability in version 2.9.2 and possibly prior. This vulnerability allows remote authenticated attackers to obtain information in the context…
|
CWE-89
SQL Injection
|
CVE-2017-16893
|
2024-11-21 12:17 |
2017-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252612
|
5.5 |
MEDIUM
Local
|
vim
debian
canonical
|
vim
debian_linux
ubuntu_linux
|
fileio.c in Vim prior to 8.0.1263 sets the group ownership of a .swp file to the editor's primary group (which may be different from the group ownership of the original file), which allows local user…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2017-17087
|
2024-11-21 12:17 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252613
|
9.8 |
CRITICAL
Network
|
inedo
|
otter
|
Indeo Otter through 1.7.4 mishandles a "</script>" substring in an initial DP payload, which allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact, as…
|
CWE-20
Improper Input Validation
|
CVE-2017-17086
|
2024-11-21 12:17 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252614
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the CIP Safety dissector could crash. This was addressed in epan/dissectors/packet-cipsafety.c by validating the packet length.
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2017-17085
|
2024-11-21 12:17 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252615
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the IWARP_MPA dissector could crash. This was addressed in epan/dissectors/packet-iwarp-mpa.c by validating a ULPDU length.
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2017-17084
|
2024-11-21 12:17 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252616
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.4.0 to 2.4.2 and 2.2.0 to 2.2.10, the NetBIOS dissector could crash. This was addressed in epan/dissectors/packet-netbios.c by ensuring that write operations are bounded by the beginni…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2017-17083
|
2024-11-21 12:17 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252617
|
6.5 |
MEDIUM
Network
|
ffmpeg
|
ffmpeg
|
The gmc_mmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote attackers to cause a denial of service (integer signedne…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-17081
|
2024-11-21 12:17 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252618
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate sizes of core notes, which allows remote attackers to cause a denial of servic…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-17080
|
2024-11-21 12:17 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252619
|
7.5 |
HIGH
Network
|
dlink
|
dir-605l_model_b_firmware
|
An issue was discovered on D-Link DIR-605L Model B before FW2.11betaB06_hbrf devices, related to the code that handles the authentication values for HNAP. An attacker can cause a denial of service (d…
|
CWE-20
Improper Input Validation
|
CVE-2017-17065
|
2024-11-21 12:17 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252620
|
9.8 |
CRITICAL
Network
|
splunk
|
splunk
|
Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before 6.6.3.2, 6.5.x before 6.5.6, 6.4.x before 6.4.9, and 6.3.x before 6.3.12, when the SAML authType is enabled, mishandles SAML, which …
|
CWE-863
Incorrect Authorization
|
CVE-2017-17067
|
2024-11-21 12:17 |
2017-11-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
