|
247081
|
6.1 |
MEDIUM
Network
|
websitebaker
|
websitebaker
|
WebsiteBaker v2.10.0 has a stored XSS vulnerability in /account/details.php.
|
CWE-79
Cross-site Scripting
|
CVE-2017-9361
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247082
|
9.8 |
CRITICAL
Network
|
websitebaker
|
websitebaker
|
WebsiteBaker v2.10.0 has a SQL injection vulnerability in /account/details.php.
|
CWE-89
SQL Injection
|
CVE-2017-9360
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247083
|
7.5 |
HIGH
Network
|
digium
|
open_source
certified_asterisk
|
The multi-part body parser in PJSIP, as used in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1, Certified Asterisk 13.13 before 13.13-cert4, and other products, allows remote attacke…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9359
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247084
|
7.5 |
HIGH
Network
|
sangoma
asterisk
|
asterisk
certified_asterisk
|
A memory exhaustion vulnerability exists in Asterisk Open Source 13.x before 13.15.1 and 14.x before 14.4.1 and Certified Asterisk 13.13 before 13.13-cert4, which can be triggered by sending speciall…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-9358
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247085
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector could crash. This was addressed in epan/dissectors/packet-rgmp.c by validating an IPv4 address.
|
CWE-20
Improper Input Validation
|
CVE-2017-9354
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247086
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0 to 2.2.6, the IPv6 dissector could crash. This was addressed in epan/dissectors/packet-ipv6.c by validating an IPv6 address.
|
CWE-20
Improper Input Validation
|
CVE-2017-9353
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247087
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the Bazaar dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by ensuring that backwards parsing cannot occu…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-9352
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247088
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DHCP dissector could read past the end of a buffer. This was addressed in epan/dissectors/packet-bootp.c by extracting the Vendor Class Identifier…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-9351
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247089
|
7.5 |
HIGH
Network
|
wireshark
|
wireshark
|
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the openSAFETY dissector could crash or exhaust system memory. This was addressed in epan/dissectors/packet-opensafety.c by checking for a negative le…
|
CWE-20
CWE-770
Improper Input Validation
Allocation of Resources Without Limits or Throttling
|
CVE-2017-9350
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247090
|
7.5 |
HIGH
Network
|
wireshark
debian
|
wireshark
debian_linux
|
In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the DICOM dissector has an infinite loop. This was addressed in epan/dissectors/packet-dcm.c by validating a length value.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-9349
|
2024-11-21 12:35 |
2017-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
