|
258061
|
7.8 |
HIGH
Local
|
synology
|
assistant
|
Multiple untrusted search path vulnerabilities in installer in Synology Assistant before 6.1-15163 on Windows allows local attackers to execute arbitrary code and conduct DLL hijacking attack via a T…
|
CWE-426
Untrusted Search Path
|
CVE-2017-11160
|
2024-11-21 12:07 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258062
|
7.5 |
HIGH
Network
|
strongswan
|
strongswan
|
The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-11185
|
2024-11-21 12:07 |
2017-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258063
|
7.8 |
HIGH
Local
|
synology
|
download_station
|
Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 uses weak permissions (0777) for ui/dlm/btsearch directory, which allows remote authenticated users to execute arbitrary code…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-11156
|
2024-11-21 12:07 |
2017-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258064
|
7.8 |
HIGH
Local
|
synology
|
office
|
Command injection vulnerability in Document.php in Synology Office 2.2.0-1502 and 2.2.1-1506 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the crafted fi…
|
CWE-78
OS Command
|
CVE-2017-11150
|
2024-11-21 12:07 |
2017-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258065
|
6.5 |
MEDIUM
Network
|
synology
|
download_station
|
Server-side request forgery (SSRF) vulnerability in Downloader in Synology Download Station 3.8.x before 3.8.5-3475 and 3.x before 3.5-2984 allows remote authenticated users to download arbitrary loc…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2017-11149
|
2024-11-21 12:07 |
2017-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258066
|
7.5 |
HIGH
Network
|
adobe
|
digital_editions
|
Adobe Digital Editions 4.5.4 and earlier has an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11280
|
2024-11-21 12:07 |
2017-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258067
|
7.5 |
HIGH
Network
|
adobe
|
digital_editions
|
Adobe Digital Editions 4.5.4 and earlier has an exploitable use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
|
CWE-416
Use After Free
|
CVE-2017-11279
|
2024-11-21 12:07 |
2017-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258068
|
7.5 |
HIGH
Network
|
adobe
|
digital_editions
|
Adobe Digital Editions 4.5.4 and earlier has an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11278
|
2024-11-21 12:07 |
2017-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258069
|
7.5 |
HIGH
Network
|
adobe
|
digital_editions
|
Adobe Digital Editions 4.5.4 and earlier has an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11277
|
2024-11-21 12:07 |
2017-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258070
|
7.5 |
HIGH
Network
|
adobe
|
digital_editions
|
Adobe Digital Editions 4.5.4 and earlier has an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-11276
|
2024-11-21 12:07 |
2017-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
