|
253921
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local…
|
CWE-362
Race Condition
|
CVE-2017-18224
|
2024-11-21 12:19 |
2018-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253922
|
8.1 |
HIGH
Network
|
bmc
|
remedy_action_request_system
|
BMC Remedy AR System before 9.1 SP3, when Remedy AR Authentication is enabled, allows attackers to obtain administrative access.
|
CWE-287
Improper Authentication
|
CVE-2017-18223
|
2024-11-21 12:19 |
2018-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253923
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel before 4.12, Hisilicon Network Subsystem (HNS) does not consider the ETH_SS_PRIV_FLAGS case when retrieving sset_count data, which allows local users to cause a denial of service …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-18222
|
2024-11-21 12:19 |
2018-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253924
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlock…
|
CWE-20
Improper Input Validation
|
CVE-2017-18221
|
2024-11-21 12:19 |
2018-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253925
|
8.8 |
HIGH
Network
|
graphicsmagick
|
graphicsmagick
|
The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 allow remote attackers to cause a denial of service (magick/blob.c CloseBlob use-after-free) or possibly have u…
|
CWE-416
Use After Free
|
CVE-2017-18220
|
2024-11-21 12:19 |
2018-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253926
|
6.5 |
MEDIUM
Network
|
graphicsmagick
debian
|
graphicsmagick
debian_linux
|
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service vi…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2017-18219
|
2024-11-21 12:19 |
2018-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253927
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In drivers/net/ethernet/hisilicon/hns/hns_enet.c in the Linux kernel before 4.13, local users can cause a denial of service (use-after-free and BUG) or possibly have unspecified other impact by lever…
|
CWE-416
Use After Free
|
CVE-2017-18218
|
2024-11-21 12:19 |
2018-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253928
|
6.1 |
MEDIUM
Network
|
invoiceplane
|
invoiceplane
|
An issue was discovered in InvoicePlane before 1.5.5. It was observed that the Email address and Web address parameters are vulnerable to Cross Site Scripting, related to application/modules/clients/…
|
CWE-79
Cross-site Scripting
|
CVE-2017-18217
|
2024-11-21 12:19 |
2018-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253929
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In fs/ocfs2/cluster/nodemanager.c in the Linux kernel before 4.15, local users can cause a denial of service (NULL pointer dereference and BUG) because a required mutex is not used.
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-18216
|
2024-11-21 12:19 |
2018-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253930
|
9.8 |
CRITICAL
Network
|
xv_project
opensuse
|
xv
leap
|
xvpng.c in xv 3.10a has memory corruption (out-of-bounds write) when decoding PNG comment fields, leading to crashes or potentially code execution, because it uses an incorrect length value.
|
CWE-787
Out-of-bounds Write
|
CVE-2017-18215
|
2024-11-21 12:19 |
2018-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
