|
250921
|
8.8 |
HIGH
Network
|
apache
|
geode
|
When an Apache Geode server versions 1.0.0 to 1.4.0 is configured with a security manager, a user with DATA:WRITE privileges is allowed to deploy code by invoking an internal Geode function. This all…
|
CWE-863
Incorrect Authorization
|
CVE-2017-15695
|
2024-11-21 12:15 |
2018-06-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250922
|
7.8 |
HIGH
Local
|
google
|
android
|
In the camera driver, an out-of-bounds access can occur due to an error in copying region params from user space in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) us…
|
CWE-129
Improper Validation of Array Index
|
CVE-2017-15857
|
2024-11-21 12:15 |
2018-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250923
|
7.8 |
HIGH
Local
|
google
|
android
|
The value of fix_param->num_chans is received from firmware and if it is too large, an integer overflow can occur in wma_radio_chan_stats_event_handler() for the derived length len leading to a subse…
|
CWE-119
CWE-190
Incorrect Access of Indexable Resource ('Range Error')
Integer Overflow or Wraparound
|
CVE-2017-15854
|
2024-11-21 12:15 |
2018-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250924
|
7.0 |
HIGH
Local
|
google
|
android
|
Due to a race condition in a bus driver, a double free in msm_bus_floor_vote_context() can potentially occur in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using …
|
CWE-362
CWE-415
Race Condition
Double Free
|
CVE-2017-15843
|
2024-11-21 12:15 |
2018-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250925
|
7.8 |
HIGH
Local
|
google
|
android
|
Buffer might get used after it gets freed due to unlocking the mutex before freeing the buffer in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kern…
|
CWE-416
Use After Free
|
CVE-2017-15842
|
2024-11-21 12:15 |
2018-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250926
|
7.5 |
HIGH
Network
|
reecerver_project
|
reecerver
|
reecerver is a web server. reecerver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16188
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250927
|
7.5 |
HIGH
Network
|
open-device_project
|
open-device
|
open-device creates a web interface for any device. open-device is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16187
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250928
|
7.5 |
HIGH
Network
|
360class.jansenhm_project
|
360class.jansenhm
|
360class.jansenhm is a static file server. 360class.jansenhm is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16186
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250929
|
7.5 |
HIGH
Network
|
uekw1511server_project
|
uekw1511server
|
uekw1511server is a static file server. uekw1511server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url.
|
CWE-22
Path Traversal
|
CVE-2017-16185
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250930
|
7.5 |
HIGH
Network
|
scott-blanch-weather-app_project
|
scott-blanch-weather-app
|
scott-blanch-weather-app is a sample Node.js app using Express 4. scott-blanch-weather-app is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" i…
|
CWE-22
Path Traversal
|
CVE-2017-16184
|
2024-11-21 12:15 |
2018-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
