|
251891
|
6.5 |
MEDIUM
Network
|
docker
|
docker
|
Lack of content verification in Docker-CE (Also known as Moby) versions 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09.0, and earlier allows a remote attacker to cause …
|
CWE-20
Improper Input Validation
|
CVE-2017-14992
|
2024-11-21 12:13 |
2017-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251892
|
5.4 |
MEDIUM
Network
|
mahara
|
mahara
|
Mahara 15.04 before 15.04.15, 16.04 before 16.04.9, 16.10 before 16.10.6, and 17.04 before 17.04.4 are vulnerable to a user submitting a potential dangerous payload, e.g., XSS code, to be saved as th…
|
CWE-79
Cross-site Scripting
|
CVE-2017-14752
|
2024-11-21 12:13 |
2017-11-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251893
|
7.5 |
HIGH
Network
|
nodejs
|
node.js
|
Node.js before 4.8.5, 6.x before 6.11.5, and 8.x before 8.8.0 allows remote attackers to cause a denial of service (uncaught exception and crash) by leveraging a change in the zlib module 1.2.9 makin…
|
CWE-20
Improper Input Validation
|
CVE-2017-14919
|
2024-11-21 12:13 |
2017-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251894
|
7.5 |
HIGH
Network
|
saltstack
|
salt
|
SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote attackers to cause a denial of service via a crafted authentication request.
|
CWE-20
Improper Input Validation
|
CVE-2017-14696
|
2024-11-21 12:13 |
2017-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251895
|
9.8 |
CRITICAL
Network
|
saltstack
|
salt
|
Directory traversal vulnerability in minion id validation in SaltStack Salt before 2016.3.8, 2016.11.x before 2016.11.8, and 2017.7.x before 2017.7.2 allows remote minions with incorrect credentials …
|
CWE-22
Path Traversal
|
CVE-2017-14695
|
2024-11-21 12:13 |
2017-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251896
|
4.7 |
MEDIUM
Local
|
pcu
|
pcu
|
The airbag detonation algorithm allows injury to passenger-car occupants via predictable Security Access (SA) data to the internal CAN bus (or the OBD connector). This affects the airbag control unit…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2017-14937
|
2024-11-21 12:13 |
2017-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251897
|
5.7 |
MEDIUM
Network
|
alienvault
|
unified_security_management
|
AlienVault USM v5.4.2 and earlier offers authenticated users the functionality of exporting generated reports via the "/ossim/report/wizard_email.php" script. Besides offering an export via a local d…
|
CWE-352
Origin Validation Error
|
CVE-2017-14956
|
2024-11-21 12:13 |
2017-10-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251898
|
9.8 |
CRITICAL
Network
|
icu-project
|
international_components_for_unicode
|
Double free in i18n/zonemeta.cpp in International Components for Unicode (ICU) for C/C++ through 59.1 allows remote attackers to execute arbitrary code via a crafted string, aka a "redundant UVector …
|
CWE-415
Double Free
|
CVE-2017-14952
|
2024-11-21 12:13 |
2017-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251899
|
8.8 |
HIGH
Network
|
opentext
|
documentum_content_server
|
OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 does not properly validate the input of the PUT_FILE RPC-command, which allows any authenticated user to hijack…
|
CWE-20
Improper Input Validation
|
CVE-2017-15012
|
2024-11-21 12:13 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251900
|
4.3 |
MEDIUM
Network
|
opentext
|
documentum_content_server
|
OpenText Documentum Content Server (formerly EMC Documentum Content Server) through 7.3 contains the following design gap, which allows authenticated users to download arbitrary content files regardl…
|
CWE-269
Improper Privilege Management
|
CVE-2017-15014
|
2024-11-21 12:13 |
2017-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
