|
247771
|
6.5 |
MEDIUM
Local
|
virglrenderer_project
|
virglrenderer
|
Memory leak in the vrend_renderer_init_blit_ctx function in vrend_blitter.c in virglrenderer before 0.6.0 allows local guest OS users to cause a denial of service (host memory consumption) via a larg…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2017-5993
|
2024-11-21 12:28 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247772
|
6.1 |
MEDIUM
Network
|
debian
opensuse_project
opensuse
viewvc
|
debian_linux
leap
viewvc
|
Cross-site scripting (XSS) vulnerability in the nav_path function in lib/viewvc.py in ViewVC before 1.0.14 and 1.1.x before 1.1.26 allows remote attackers to inject arbitrary web script or HTML via t…
|
CWE-79
Cross-site Scripting
|
CVE-2017-5938
|
2024-11-21 12:28 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247773
|
3.3 |
LOW
Local
|
linuxcontainers
|
lxc
|
lxc-user-nic in Linux Containers (LXC) allows local users with a lxc-usernet allocation to create network interfaces on the host and choose the name of those interfaces by leveraging lack of netns ow…
|
CWE-862
Missing Authorization
|
CVE-2017-5985
|
2024-11-21 12:28 |
2017-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247774
|
5.5 |
MEDIUM
Local
|
virglrenderer_project
|
virglrenderer
|
Stack-based buffer overflow in the vrend_decode_set_framebuffer_state function in vrend_decode.c in virglrenderer before 926b9b3460a48f6454d8bbe9e44313d86a65447f, as used in Quick Emulator (QEMU), al…
|
CWE-787
Out-of-bounds Write
|
CVE-2017-5957
|
2024-11-21 12:28 |
2017-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247775
|
9.8 |
CRITICAL
Network
|
bitlbee
|
bitlbee-libpurple
bitlbee
|
bitlbee-libpurple before 3.5.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) and possibly execute arbitrary code via a file transfer request for a contact …
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-5668
|
2024-11-21 12:28 |
2017-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247776
|
9.8 |
CRITICAL
Network
|
qos
redhat
|
logback
satellite
satellite_capsule
|
QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-5929
|
2024-11-21 12:28 |
2017-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247777
|
8.8 |
HIGH
Network
|
embedthis
|
goahead
|
A command-injection vulnerability exists in a web application on a custom-built GoAhead web server used on Foscam, Vstarcam, and multiple white-label IP camera models. The mail-sending form in the ma…
|
CWE-77
Command Injection
|
CVE-2017-5675
|
2024-11-21 12:28 |
2017-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247778
|
9.8 |
CRITICAL
Network
|
embedthis
|
goahead
|
A vulnerability in a custom-built GoAhead web server used on Foscam, Vstarcam, and multiple white-label IP camera models allows an attacker to craft a malformed HTTP ("GET system.ini HTTP/1.1\n\n" - …
|
CWE-200
Information Exposure
|
CVE-2017-5674
|
2024-11-21 12:28 |
2017-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247779
|
6.1 |
MEDIUM
Network
|
zammad
|
zammad
|
An issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. XSS can be triggered via malicious HTML in a chat message or the content of a ticket article, when using ei…
|
CWE-79
Cross-site Scripting
|
CVE-2017-5621
|
2024-11-21 12:28 |
2017-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
247780
|
6.1 |
MEDIUM
Network
|
zammad
|
zammad
|
An XSS issue was discovered in Zammad before 1.0.4, 1.1.x before 1.1.3, and 1.2.x before 1.2.1. Attachments are opened in a new tab instead of getting downloaded. This creates an attack vector of exe…
|
CWE-79
Cross-site Scripting
|
CVE-2017-5620
|
2024-11-21 12:28 |
2017-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
