|
253261
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 accesses rusage data structures in unintended cases, which allows local users to obtain sensitive information, and bypass…
|
CWE-200
Information Exposure
|
CVE-2017-14954
|
2024-11-21 12:13 |
2017-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253262
|
6.5 |
MEDIUM
Network
|
jaspersoft
|
jasperreports
|
Jaspersoft JasperReports 4.7 suffers from a saved credential disclosure vulnerability, which allows a remote authenticated user to retrieve stored Data Source passwords by accessing flow.html and rea…
|
CWE-200
Information Exposure
|
CVE-2017-14941
|
2024-11-21 12:13 |
2017-10-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253263
|
7.5 |
HIGH
Adjacent
|
philips
|
hue_bridge_bsb002_firmware
|
Lack of Transport Encryption in the public API in Philips Hue Bridge BSB002 SW 1707040932 allows remote attackers to read API keys (and consequently bypass the pushlink protection mechanism, and obta…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2017-14797
|
2024-11-21 12:13 |
2017-10-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253264
|
7.8 |
HIGH
Local
|
artifex
|
gsview
|
Artifex GSView 6.0 Beta on Windows allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "Read Access Violation on Block Data Move starting at …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14947
|
2024-11-21 12:13 |
2017-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253265
|
7.8 |
HIGH
Local
|
artifex
|
gsview
|
Artifex GSView 6.0 Beta on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Data from Faulting Address controls Bra…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14946
|
2024-11-21 12:13 |
2017-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253266
|
7.8 |
HIGH
Local
|
artifex
|
gsview
|
Artifex GSView 6.0 Beta on Windows allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .pdf file, related to "Possible Stack Corruption starting at K…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-14945
|
2024-11-21 12:13 |
2017-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253267
|
7.5 |
HIGH
Network
|
inedo
|
proget
|
Inedo ProGet before 4.7.14 does not properly address dangerous package IDs during package addition, aka PG-1060.
|
CWE-20
Improper Input Validation
|
CVE-2017-14944
|
2024-11-21 12:13 |
2017-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253268
|
9.8 |
CRITICAL
Network
|
intelbras
|
wrn_150_firmware
|
Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently bypass authentication, via a direct request for cgi-bin/DownloadCfg/RouterCfm.cfg containing an admin…
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2017-14942
|
2024-11-21 12:13 |
2017-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253269
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
scan_unit_for_symbols in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (NULL pointer der…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-14940
|
2024-11-21 12:13 |
2017-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253270
|
5.5 |
MEDIUM
Local
|
gnu
|
binutils
|
decode_line_info in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, mishandles a length calculation, which allows remote attackers to cause a d…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-14939
|
2024-11-21 12:13 |
2017-09-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
