|
257601
|
7.8 |
HIGH
Local
|
tuxera
debian
|
ntfs-3g
debian_linux
|
Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. A local user can take a…
|
CWE-269
Improper Privilege Management
|
CVE-2017-0358
|
2024-11-21 12:02 |
2018-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257602
|
9.8 |
CRITICAL
Network
|
iucode-tool_project
debian
|
iucode-tool
debian_linux
|
A heap-overflow flaw exists in the -tr loader of iucode-tool starting with v1.4 and before v2.1.1, potentially leading to SIGSEGV, or heap corruption.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-0357
|
2024-11-21 12:02 |
2018-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257603
|
9.8 |
CRITICAL
Network
|
ikiwiki
debian
|
ikiwiki
debian_linux
|
A flaw, similar to to CVE-2016-9646, exists in ikiwiki before 3.20170111, in the passwordauth plugin's use of CGI::FormBuilder, allowing an attacker to bypass authentication via repeated parameters.
|
CWE-287
Improper Authentication
|
CVE-2017-0356
|
2024-11-21 12:02 |
2018-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257604
|
7.8 |
HIGH
Local
|
google
|
android
|
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-32573899.
|
NVD-CWE-noinfo
|
CVE-2017-0431
|
2024-11-21 12:02 |
2018-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257605
|
9.8 |
CRITICAL
Network
|
haxx
|
curl
|
The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive informat…
|
CWE-125
Out-of-bounds Read
|
CVE-2016-9953
|
2024-11-21 12:02 |
2018-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257606
|
8.1 |
HIGH
Network
|
haxx
|
curl
|
The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote attackers to conduct man-…
|
CWE-295
Improper Certificate Validation
|
CVE-2016-9952
|
2024-11-21 12:02 |
2018-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257607
|
5.4 |
MEDIUM
Network
|
f5
|
big-ip_advanced_firewall_manager
|
A SQL injection vulnerability exists in the BIG-IP AFM management UI on versions 12.0.0, 12.1.0, 12.1.1, 12.1.2 and 13.0.0 that may allow a copy of the firewall rules to be tampered with and impact t…
|
CWE-89
SQL Injection
|
CVE-2017-0304
|
2024-11-21 12:02 |
2017-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257608
|
7.6 |
HIGH
Adjacent
|
f5
|
big-ip_access_policy_manager
|
In F5 BIG-IP APM software versions 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.4, 11.6.0, 11.6.1, 12.0.0, 12.1.0, 12.1.1 and 12.1.2 BIG-IP APM portal access requests do not return the intended resources in …
|
NVD-CWE-noinfo
|
CVE-2017-0301
|
2024-11-21 12:02 |
2017-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257609
|
7.5 |
HIGH
Network
|
f5
|
big-ip_local_traffic_manager
big-ip_application_acceleration_manager
big-ip_advanced_firewall_manager
big-ip_access_policy_manager
big-ip_application_security_manager
big-ip_link_contr…
|
In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, GTM, Link Controller, PEM and Websafe software version 13.0.0, 12.0.0 to 12.1.2 and 11.5.1 to 11.6.1, under limited circumstances connections han…
|
CWE-459
Incomplete Cleanup
|
CVE-2017-0303
|
2024-11-21 12:02 |
2017-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257610
|
7.8 |
HIGH
Local
|
nvidia
|
geforce_experience
|
In GeForce Experience (GFE) 3.x before 3.10.0.55, NVIDIA Installer Framework contains a vulnerability in NVISystemService64 where a value passed from a user to the driver is used without validation, …
|
CWE-20
Improper Input Validation
|
CVE-2017-0316
|
2024-11-21 12:02 |
2017-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
