|
256461
|
7.8 |
HIGH
Local
|
php
|
php
|
In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a stack-based buffer overflow in the zend_ini_do_op() function in Zend/zend_ini_parser.c could cause a denial of service or potentiall…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11628
|
2024-11-21 12:08 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256462
|
5.5 |
MEDIUM
Local
|
qpdf_project
|
qpdf
|
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the PointerHolder function in PointerHolder.hh…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-11627
|
2024-11-21 12:08 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256463
|
5.5 |
MEDIUM
Local
|
qpdf_project
|
qpdf
|
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in …
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-11626
|
2024-11-21 12:08 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256464
|
5.5 |
MEDIUM
Local
|
qpdf_project
|
qpdf
|
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDF::resolveObjectsInStream function in Q…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-11625
|
2024-11-21 12:08 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256465
|
5.5 |
MEDIUM
Local
|
qpdf_project
|
qpdf
|
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in …
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-11624
|
2024-11-21 12:08 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256466
|
6.1 |
MEDIUM
Network
|
atmail
|
atmail
|
Cross-site scripting (XSS) vulnerability in atmail prior to version 7.8.0.2 allows remote attackers to inject arbitrary web script or HTML within the body of an email via an IMG element with both sin…
|
CWE-79
Cross-site Scripting
|
CVE-2017-11617
|
2024-11-21 12:08 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256467
|
9.8 |
CRITICAL
Network
|
medhost
|
connex
|
MEDHOST Connex contains hard-coded credentials that are used for customer database access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with the da…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2017-11614
|
2024-11-21 12:08 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256468
|
7.8 |
HIGH
Local
|
appsec-labs
|
appuse
|
AppUse 4.0 allows shell command injection via a proxy field.
|
CWE-78
OS Command
|
CVE-2017-11566
|
2024-11-21 12:08 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256469
|
6.5 |
MEDIUM
Network
|
libsass
|
libsass
|
There is a heap-based buffer over-read in the Sass::Prelexer::re_linebreak function in lexer.cpp in LibSass 3.4.5. A crafted input will lead to a remote denial of service attack.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-11608
|
2024-11-21 12:08 |
2017-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256470
|
6.5 |
MEDIUM
Network
|
libsass
|
libsass
|
There is a heap based buffer over-read in LibSass 3.4.5, related to address 0xb4803ea1. A crafted input will lead to a remote denial of service attack.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-11605
|
2024-11-21 12:08 |
2017-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
