|
247711
|
7.5 |
HIGH
Network
|
gnu
|
binutils
|
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an aout_link_add_symbols function in bfd/aoutx.h that is vulnerable to a heap-based buffer over-read (o…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7300
|
2024-11-21 12:31 |
2017-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247712
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.28, has an invalid read (of size 8) because the code to emit relocs (bfd_elf_final_link function in bfd/elflink…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7299
|
2024-11-21 12:31 |
2017-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247713
|
7.5 |
HIGH
Network
|
mikrotik
|
routeros
|
A vulnerability in the network stack of MikroTik Version 6.38.5 released 2017-03-09 could allow an unauthenticated remote attacker to exhaust all available CPU via a flood of TCP RST packets, prevent…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-7285
|
2024-11-21 12:31 |
2017-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247714
|
5.4 |
MEDIUM
Network
|
moodle
|
moodle
|
In Moodle 3.2.2+, there is XSS in the Course summary filter of the "Add a new course" page, as demonstrated by a crafted attribute of an SVG element.
|
CWE-79
Cross-site Scripting
|
CVE-2017-7298
|
2024-11-21 12:31 |
2017-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247715
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trig…
|
CWE-787
CWE-190
Out-of-bounds Write
Integer Overflow or Wraparound
|
CVE-2017-7294
|
2024-11-21 12:31 |
2017-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247716
|
8.8 |
HIGH
Network
|
suse
|
rancher
|
Rancher Labs rancher server 1.2.0+ is vulnerable to authenticated users disabling access control via an API call. This is fixed in versions rancher/server:v1.2.4, rancher/server:v1.3.5, rancher/serve…
|
NVD-CWE-noinfo
|
CVE-2017-7297
|
2024-11-21 12:31 |
2017-03-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247717
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
The TCP stack in the Linux kernel through 4.10.6 mishandles the SCM_TIMESTAMPING_OPT_STATS feature, which allows local users to obtain sensitive information from the kernel's internal socket data str…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-7277
|
2024-11-21 12:31 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247718
|
5.5 |
MEDIUM
Local
|
imagemagick
|
imagemagick
|
The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service (attempted large memory allocation and application crash) via a crafted file. NOT…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-7275
|
2024-11-21 12:31 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247719
|
5.5 |
MEDIUM
Local
|
radare
|
radare2
|
The r_pkcs7_parse_cms function in libr/util/r_pkcs7.c in radare2 1.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PE file.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-7274
|
2024-11-21 12:31 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247720
|
6.6 |
MEDIUM
Physics
|
linux
|
linux_kernel
|
The cp_report_fixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of service (integer underflow) or possib…
|
NVD-CWE-Other
|
CVE-2017-7273
|
2024-11-21 12:31 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
