|
246941
|
5.5 |
MEDIUM
Local
|
surina
|
soundtouch
|
The TDStretchSSE::calcCrossCorr function in source/SoundTouch/sse_optimized.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (heap-based buffer over-read and application c…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-9260
|
2024-11-21 12:35 |
2017-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246942
|
5.5 |
MEDIUM
Local
|
surina
|
soundtouch
|
The TDStretch::acceptNewOverlapLength function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (memory allocation error and application cra…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-9259
|
2024-11-21 12:35 |
2017-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246943
|
5.5 |
MEDIUM
Local
|
surina
|
soundtouch
|
The TDStretch::processSamples function in source/SoundTouch/TDStretch.cpp in SoundTouch 1.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted wa…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-9258
|
2024-11-21 12:35 |
2017-07-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246944
|
7.5 |
HIGH
Network
|
libexpat_project
python
debian
|
libexpat
python
debian_linux
|
XML External Entity vulnerability in libexpat 2.2.0 and earlier (Expat XML Parser Library) allows attackers to put the parser in an infinite loop using a malformed external entity definition from an …
|
CWE-611
CWE-835
XXE
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2017-9233
|
2024-11-21 12:35 |
2017-07-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246945
|
7.5 |
HIGH
Network
|
google
|
news_and_weather
|
The Google News and Weather application before 3.3.1 for Android allows remote attackers to read OAuth tokens by sniffing the network and leveraging the lack of SSL.
|
CWE-200
Information Exposure
|
CVE-2017-9245
|
2024-11-21 12:35 |
2017-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246946
|
6.5 |
MEDIUM
Network
|
owncloud
|
owncloud
|
An attacker is logged in as a normal user and can somehow make admin to delete shared folders in ownCloud Server before 10.0.2.
|
NVD-CWE-noinfo
|
CVE-2017-9340
|
2024-11-21 12:35 |
2017-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246947
|
5.3 |
MEDIUM
Network
|
owncloud
|
owncloud
|
A logical error in ownCloud Server before 10.0.2 caused disclosure of valid share tokens for public calendars. Thus granting an attacker potentially access to publicly shared calendars without knowin…
|
NVD-CWE-noinfo
|
CVE-2017-9339
|
2024-11-21 12:35 |
2017-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246948
|
5.4 |
MEDIUM
Network
|
owncloud
|
owncloud
|
Inadequate escaping lead to XSS vulnerability in the search module in ownCloud Server before 8.2.12, 9.0.x before 9.0.10, 9.1.x before 9.1.6, and 10.0.x before 10.0.2. To be exploitable a user has to…
|
CWE-79
Cross-site Scripting
|
CVE-2017-9338
|
2024-11-21 12:35 |
2017-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246949
|
5.9 |
MEDIUM
Network
|
golang
fedoraproject
novell
opensuse
|
go
fedora
suse_package_hub_for_suse_linux_enterprise
leap
|
A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect results to be generated for specific input po…
|
CWE-682
Incorrect Calculation
|
CVE-2017-8932
|
2024-11-21 12:35 |
2017-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
246950
|
6.1 |
MEDIUM
Network
|
webmin
|
webmin
|
Multiple Cross-site scripting (XSS) vulnerabilities in Webmin before 1.850 allow remote attackers to inject arbitrary web script or HTML via the sec parameter to view_man.cgi, the referers parameter …
|
CWE-79
Cross-site Scripting
|
CVE-2017-9313
|
2024-11-21 12:35 |
2017-07-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
