|
251761
|
8.8 |
HIGH
Network
|
intelliants
|
subrion
|
There are CSRF vulnerabilities in Subrion CMS 4.1.x through 4.1.5, and before 4.2.0, because of a logic error. Although there is functionality to detect CSRF, it is called too late in the ia.core.php…
|
CWE-352
Origin Validation Error
|
CVE-2017-15063
|
2024-11-21 12:14 |
2017-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251762
|
7.8 |
HIGH
Local
|
upx_project
|
upx
|
p_lx_elf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted binary file, as…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-15056
|
2024-11-21 12:14 |
2017-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251763
|
9.8 |
CRITICAL
Network
|
redislabs
|
redis
|
The clusterLoadConfig function in cluster.c in Redis 4.0.2 allows attackers to cause a denial of service (out-of-bounds array index and application crash) or possibly have unspecified other impact by…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15047
|
2024-11-21 12:14 |
2017-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251764
|
5.5 |
MEDIUM
Local
|
lame_project
|
lame
|
LAME 3.99.5, 3.99.4, 3.98.4, 3.98.2, 3.98 and 3.97 have a stack-based buffer overflow in unpack_read_samples in frontend/get_audio.c, a different vulnerability than CVE-2017-9412.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15046
|
2024-11-21 12:14 |
2017-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251765
|
8.1 |
HIGH
Network
|
suse
|
studio_onsite
susestudio-ui-server
|
An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in susestudio-ui-server of SUSE Studio onsite allows remote attackers with admin privileges in St…
|
CWE-89
SQL Injection
|
CVE-2017-14807
|
2024-11-21 12:13 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251766
|
5.9 |
MEDIUM
Network
|
suse
|
studio_onsite
susestudio-ui-server
|
A Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote attackers to MITM connections to the repositories, which allows the modification of packages r…
|
CWE-295
Improper Certificate Validation
|
CVE-2017-14806
|
2024-11-21 12:13 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251767
|
9.8 |
CRITICAL
Network
|
labf
|
nfsaxe
|
Buffer overflow in LabF nfsAxe FTP client 3.7 allows an attacker to execute code remotely.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14742
|
2024-11-21 12:13 |
2019-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251768
|
9.8 |
CRITICAL
Network
|
dlink
|
dir-868l_firmware
dir-890l_firmware
dir-885l_firmware
dir-895l_firmware
dir-880l_firmware
dir-895r_firmware
|
Certain D-Link products are affected by: Buffer Overflow. This affects DIR-880L 1.08B04 and DIR-895 L/R 1.13b03. The impact is: execute arbitrary code (remote). The component is: htdocs/fileaccess.cg…
|
CWE-120
Classic Buffer Overflow
|
CVE-2017-14948
|
2024-11-21 12:13 |
2019-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251769
|
9.8 |
CRITICAL
Network
|
orpak
|
siteomat
|
A stack buffer overflow exists in one of the Orpak SiteOmat CGI components, allowing for remote code execution. The vulnerability affects all versions prior to 2017-09-25.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14854
|
2024-11-21 12:13 |
2019-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251770
|
9.8 |
CRITICAL
Network
|
orpak
|
siteomat
|
The Orpak SiteOmat OrCU component is vulnerable to code injection, for all versions prior to 2017-09-25, due to a search query that uses a direct shell command. By tampering with the request, an atta…
|
CWE-94
Code Injection
|
CVE-2017-14853
|
2024-11-21 12:13 |
2019-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
