|
247581
|
7.8 |
HIGH
Local
|
usbpcap_project
|
usbpcap
|
The IofCallDriver function in USBPcap 1.1.0.0 allows local users to gain privileges via a crafted 0x00090028 IOCTL call, which triggers a NULL pointer dereference.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-6178
|
2024-11-21 12:29 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247582
|
7.5 |
HIGH
Network
|
qemu
|
qemu
|
Buffer overflow in NetRxPkt::ehdr_buf in hw/net/net_rx_pkt.c in QEMU (aka Quick Emulator), when the VLANSTRIP feature is enabled on the vmxnet3 device, allows remote attackers to cause a denial of se…
|
CWE-120
Classic Buffer Overflow
|
CVE-2017-6058
|
2024-11-21 12:29 |
2017-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247583
|
5.3 |
MEDIUM
Network
|
typo3
|
typo3
|
TYPO3 7.6.15 sends an http request to an index.php?loginProvider URI in cases with an https Referer, which allows remote attackers to obtain sensitive cleartext information by sniffing the network an…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2017-6370
|
2024-11-21 12:29 |
2017-03-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247584
|
7.5 |
HIGH
Network
|
efssoft
|
easy_file_sharing_ftp_server
|
Easy File Sharing FTP Server version 3.6 is vulnerable to a directory traversal vulnerability which allows an attacker to list and download any file from any folder outside the FTP root Directory.
|
CWE-22
Path Traversal
|
CVE-2017-6510
|
2024-11-21 12:29 |
2017-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247585
|
8.1 |
HIGH
Network
|
drupal
|
drupal
|
A 3rd party development library including with Drupal 8 development dependencies is vulnerable to remote code execution. This is mitigated by the default .htaccess protection against PHP execution, a…
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2017-6381
|
2024-11-21 12:29 |
2017-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247586
|
7.5 |
HIGH
Network
|
drupal
|
drupal
|
Some administrative paths in Drupal 8.2.x before 8.2.7 did not include protection for CSRF. This would allow an attacker to disable some blocks on a site. This issue is mitigated by the fact that use…
|
CWE-352
Origin Validation Error
|
CVE-2017-6379
|
2024-11-21 12:29 |
2017-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247587
|
7.5 |
HIGH
Network
|
drupal
|
drupal
|
When adding a private file via the editor in Drupal 8.2.x before 8.2.7, the editor will not correctly check access for the file being attached, resulting in an access bypass.
|
CWE-863
Incorrect Authorization
|
CVE-2017-6377
|
2024-11-21 12:29 |
2017-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247588
|
4.7 |
MEDIUM
Network
|
sap
|
businessobjects_financial_consolidation
|
Cross-site scripting (XSS) vulnerability in the help component of SAP BusinessObjects Financial Consolidation 10.0.0.1933 allows remote attackers to inject arbitrary web script or HTML via a GET requ…
|
CWE-79
Cross-site Scripting
|
CVE-2017-6061
|
2024-11-21 12:29 |
2017-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247589
|
6.1 |
MEDIUM
Network
|
epson
|
tmnet_webconfig
|
Cross-site scripting (XSS) vulnerability in EPSON TMNet WebConfig 1.00 allows remote attackers to inject arbitrary web script or HTML via the W_AD1 parameter to Forms/oadmin_1.
|
CWE-79
Cross-site Scripting
|
CVE-2017-6443
|
2024-11-21 12:29 |
2017-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247590
|
5.5 |
MEDIUM
Local
|
ettercap-project
|
ettercap
|
The compile_tree function in ef_compiler.c in the Etterfilter utility in Ettercap 0.8.2 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted filter.
|
CWE-125
Out-of-bounds Read
|
CVE-2017-6430
|
2024-11-21 12:29 |
2017-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
