|
251701
|
8.8 |
HIGH
Network
|
zoom
|
zoom
|
The ZoomLauncher binary in the Zoom client for Linux before 2.0.115900.1201 does not properly sanitize user input when constructing a shell command, which allows remote attackers to execute arbitrary…
|
CWE-78
OS Command
|
CVE-2017-15049
|
2024-11-21 12:14 |
2017-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251702
|
8.8 |
HIGH
Network
|
zoom
|
zoom
|
Stack-based buffer overflow in the ZoomLauncher binary in the Zoom client for Linux before 2.0.115900.1201 allows remote attackers to execute arbitrary code by leveraging the zoommtg:// scheme handle…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-15048
|
2024-11-21 12:14 |
2017-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251703
|
9.1 |
CRITICAL
Network
|
kemptechnologies
|
web_application_firewall
|
The Application Firewall Pack (AFP, aka Web Application Firewall) component on Kemp Load Balancer devices with software before 7.2.40.1 allows a Security Feature Bypass via an HTTP POST request.
|
NVD-CWE-noinfo
|
CVE-2017-15524
|
2024-11-21 12:14 |
2017-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251704
|
7.8 |
HIGH
Local
|
heketi_project
redhat
|
heketi
enterprise_linux
|
An access flaw was found in Heketi 5, where the heketi.json configuration file was world readable. An attacker having local access to the Heketi server could read plain-text passwords from the heketi…
|
-
|
CVE-2017-15104
|
2024-11-21 12:14 |
2017-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251705
|
8.8 |
HIGH
Network
|
heketi_project
redhat
|
heketi
enterprise_linux
|
A security-check flaw was found in the way the Heketi 5 server API handled user requests. An authenticated Heketi user could send specially crafted requests to the Heketi server, resulting in remote …
|
-
|
CVE-2017-15103
|
2024-11-21 12:14 |
2017-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251706
|
3.3 |
LOW
Local
|
symantec
|
norton_family
|
Prior to 4.4.1.10, the Norton Family Android App can be susceptible to an Information Disclosure issue. Information disclosure is a very common issue that attackers will attempt to exploit as a first…
|
CWE-200
Information Exposure
|
CVE-2017-15530
|
2024-11-21 12:14 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251707
|
6.2 |
MEDIUM
Local
|
symantec
|
norton_family
|
Prior to 4.4.1.10, the Norton Family Android App can be susceptible to a Denial of Service (DoS) exploit. A DoS attack is a type of attack whereby the perpetrator attempts to make a particular device…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2017-15529
|
2024-11-21 12:14 |
2017-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251708
|
5.5 |
MEDIUM
Local
|
redhat
|
enterprise_linux_desktop
enterprise_linux_workstation
enterprise_linux
enterprise_linux_server
enterprise_linux_server_tus
enterprise_linux_server_eus
enterprise_linux_server_aus
|
A non-privileged user is able to mount a fuse filesystem on RHEL 6 or 7 and crash a system if an application punches a hole in a file that does not end aligned to a page boundary.
|
-
|
CVE-2017-15121
|
2024-11-21 12:14 |
2017-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251709
|
7.4 |
HIGH
Local
|
arqbackup
|
arq
|
The setpermissions function in the auto-updater in Arq before 5.9.7 for Mac allows local users to gain root privileges via a symlink attack on the updater binary itself.
|
CWE-362
CWE-59
Race Condition
Link Following
|
CVE-2017-15357
|
2024-11-21 12:14 |
2017-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251710
|
9.8 |
CRITICAL
Network
|
inedo
|
otter
|
Inedo Otter before 1.7.4 has directory traversal in filesystem-based rafts via vectors involving '/' characters or initial '.' characters, aka OT-181.
|
CWE-22
Path Traversal
|
CVE-2017-15607
|
2024-11-21 12:14 |
2017-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
