|
256201
|
7.0 |
HIGH
Local
|
linux
|
linux_kernel
|
An elevation of privilege vulnerability in the Qualcomm audio driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High…
|
NVD-CWE-noinfo
|
CVE-2017-0454
|
2024-11-21 12:03 |
2017-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256202
|
4.3 |
MEDIUM
Network
|
nextcloud
|
nextcloud
nextcloud_server
|
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Content-Spoofing vulnerability in the "files" app. The top navigation bar displayed in the files list contained partially user-controllable in…
|
CWE-20
Improper Input Validation
|
CVE-2017-0888
|
2024-11-21 12:03 |
2017-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256203
|
4.3 |
MEDIUM
Network
|
nextcloud
|
nextcloud_server
|
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a bypass in the quota limitation. Due to not properly sanitizing values provided by the `OC-Total-Length` HTTP header an authenticated adversary…
|
CWE-20
Improper Input Validation
|
CVE-2017-0887
|
2024-11-21 12:03 |
2017-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256204
|
6.5 |
MEDIUM
Network
|
nextcloud
|
nextcloud_server
|
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a Denial of Service attack. Due to an error in the application logic an authenticated adversary may trigger an endless recursion in the applicat…
|
CWE-674
Uncontrolled Recursion
|
CVE-2017-0886
|
2024-11-21 12:03 |
2017-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256205
|
4.3 |
MEDIUM
Network
|
nextcloud
|
nextcloud_server
|
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a error message disclosing existence of file in write-only share. Due to an error in the application logic an adversary with access to a write-o…
|
CWE-200
Information Exposure
|
CVE-2017-0885
|
2024-11-21 12:03 |
2017-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256206
|
4.3 |
MEDIUM
Network
|
nextcloud
|
nextcloud_server
|
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a creation of folders in read-only folders despite lacking permissions issue. Due to a logical error in the file caching layer an authenticated …
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-0884
|
2024-11-21 12:03 |
2017-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256207
|
6.4 |
MEDIUM
Network
|
nextcloud
|
nextcloud_server
|
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a permission increase on re-sharing via OCS API issue. A permission related issue within the OCS sharing API allowed an authenticated adversary …
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2017-0883
|
2024-11-21 12:03 |
2017-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256208
|
6.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
Multiple versions of GitLab expose sensitive user credentials when assigning a user to an issue or merge request. A fix was included in versions 8.15.8, 8.16.7, and 8.17.4, which were released on Mar…
|
CWE-200
Information Exposure
|
CVE-2017-0882
|
2024-11-21 12:03 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256209
|
4.3 |
MEDIUM
Network
|
zulip
|
zulip_server
|
An error in the implementation of an autosubscribe feature in the check_stream_exists route of the Zulip group chat application server before 1.4.3 allowed an authenticated user to subscribe to a pri…
|
CWE-863
Incorrect Authorization
|
CVE-2017-0881
|
2024-11-21 12:03 |
2017-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256210
|
4.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
An information disclosure vulnerability in the kernel USB gadget driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate bec…
|
CWE-200
Information Exposure
|
CVE-2017-0537
|
2024-11-21 12:03 |
2017-03-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
